Return to our Homepage Consult our Internet Trends Archives Contact Internet Trends.org Internet Trends

Spammers always trying to get the upper hand





Choose the right words in your infomercials and advertorials. Have them done by professionals. Click here for more information.


SureMail™ is the most reliable email service there is. Get less spam and less email virusses. Unlimited autoresponders. Learn more by clicking here.
Add to del.icio.us     Digg this story Digg this

January 17, 2007

On any given day, email spammers often change their methods in trying to get the upper hand. The latest tactic is image-based spam, or the use of .jpg or .gif images in an effort to bypass today's sophisticated spam filters.

Simply because spam filters at ISPs and those installed on personal computers have become increasingly more efficient at detecting and deleting text-based spam, no matter how many different ways they try to spell keywords such as "mortgage" or "viagra," email spammers have now added a new dreaded weapon to their arsenal: graphic files!

Now, by spamming Internet users with a small .jpeg or .gif file with its embedded spam message, junk mail filters usually let the spam message go through. The problem is these image-based spam emails are considerably larger in size than text-based messages, which causes severe problems on today's mail servers and they also take much longer to be delivered.

Mikko Hypponen, chief research officer for antivirus vendor F-Secure says "this is the huge size increase in the global problem of e-mail spam. Even a small boost in image spam means a large increase in the file size of spam being sent around the Internet today."

Hypponen puts image-based spam at around 35 percent of all spam currently bombarding and slowing down the Internet. Hypponen added that the good news is that email accounts for very little of the overall Internet traffic globally. So, alarmist stories that image-based spam could bring the Internet to a crashing halt are largely exagerated.

"Today, the Internet as a whole is not going to come to a standstill from email spam, but email messages by themselves are a different thing," he said. SMTP-based email used today is the same design from the late 1960s when the Internet was born as a Defense Department project with just a few dozen users.

It still has no real authentication, no security and no guarantees of email delivery in its current protocol. "The only reason email works as well as it does is the goodwill of the people, because, on average, they aren't trying to break things," he said.

Peter Firstbrook, security research director for Gartner, confirmed the explosive effect of image spam on mail servers. He said it went from 6 percent of all spam in Q3 of 2006 to 30 percent by Q4, a near sevenfold increase in just a single quarter.

"As a whole, email isn't the biggest bandwidth hog, but it is a CPU and MTA [Message Transfer Agent] hog," he said. He's talked to clients that had to turn off mail queuing to allow the backlog to be processed, and as soon as they reopened the mail servers, they got bogged down again.

The solution isn't easy. Stopping to examine graphics files means a log jam at the mail server and MTA, which could mean lost or bounced emails. And while client-side spam blockers like Symantec's Brightmail and Cloudmark Desktop appear to work, still the first place to block spam messages are at the edge of the network: mail servers.

Most developers of client-side spam blockers, including Spam Assassin, Symantec and Cloudmark, do offer a server-side protection.

"It saves Internet bandwidth between the server and the user, and it doesn't pile up the user with image files. Most companies don't even want spam in their email servers. You've got to block it at the firewall, before the email server," said Hypponen.

Firstbrook agrees. "You have to drop all that junk at the entrance! You can't process everything. You gotta say, I can't trust this sender. I'm not accepting this message." That means if you get a dozen letters from a known spammer email address or IP address, it's likely that future letters will also be spam.

To get around this, authentication and secure delivery are necessary, along with reputation-based systems directly at the firewall. But there's a simpler solution, too: check your own computer!

"Eighty to ninety percent of email spam comes from bot-infected computers, and almost all North American spam comes from bots. There are more than 200,000 new bots every week. As a community, we're all less safe because of those people," said Firstbrook.

"Those people are regular users, most likely home users, whose computers are infected and they don't even know it, simply because they aren't using any form of security or malware detection.

Firstbrook said ISPs themselves are to blame partially, and they are in a position to know who is infected, simply because they can readily see the traffic patterns, and they should warn customers, if not shut them off completely.

America Online originally sold McAfee VirusScan but found it was more economical to give it away to its customers. "They got fewer helpdesk calls and saw less bandwidth use," Firstbrook continued. "Other ISPs need to follow this example and help their customers be more secure."

Add to del.icio.us     Digg this story Digg this

Source: Internet News





Internet Trends -- The Web's best Internet portal. Click here to return to our homepage.

Home | Trend Archives | Resources | Contact

    © Internet Trends.