We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Twenty-Four Seven Security

Peter Schooff

2007 - Spam is Back with a Bang

Vote 0 Votes

Two years ago, Microsoft's Bill Gates predicted that by the year 2006, spam would be finished. While even at the start of this year it looked like Gates' prediction might still come true, since then spam has experienced a resurgence. You could say 2006 is the year spam returned with a vengeance.

The recent surge in spam can be attributed to two main factors: the rise of botnets and image spam. As I've blogged before, Botnets refer to massive collections of computers that have been infected with malicious software, generally without the computer owner's knowledge, so that they can be controlled by an external operator. Botnets are often created solely to spread spam. And where spam could once be fought by shutting down the source of the spam (and was probably the reason for Bill Gates' optimism), botnets exponentially increase the number of computers used to send out spam. Botnets have been uncovered that range in number from a few thousand to more than one million infected computers, making shutting down every single one impossible.

The other factor in spam's recent rise is the switch from text to image-based spam. Where just a year ago filters were having great success screening out spam by searching for words like "stock" and "sex" and "enlarge," the new spam comes with the sales pitch entirely embedded in an image, severely hampering the detection abilities of many spam scanners. And with spam flooding inboxes, this will inevitably lead to a shakeout in the industry as customers search for better methods to stay on top of this deluge.

Spam's change in tactics has also brought with it a major change in content. While there are still plenty of spam emails promising easy riches or offering an impossible pharmaceutical miracle, my company, Message Partners, has kept a close watch on several new and more dangerous types of spam that we expect to see much more of in 2007.

The first is the stock pump-and-dump scam. While this scam has been around since the inception of the internet (and long before that), only recently has it come to encompass hyper-aggressive spamming. This type of spam is easy to spot, as the subject line just about screams out the latest hot stock pick. The fact that simply mentioning a stock's name to millions of people in an email inevitably drives up the stock's price, coupled with the fact that spammers can make money directly from buying and selling stock without having to rely on a secondary sales site, means this type of spam is likely to stick around for some time.

The second and far more dangerous type of email that has come with the new wave of spam is known as phishing. Phishing is fake email that purports to be official email from a bank or legitimate website for the purpose of stealing password or financial information. Phishing emails, and the subsequent websites they link to, tend to steal their graphics directly from the sites they are trying to imitate, which means, visually, they are almost impossible to tell apart. While there have been countless warnings about never responding to, or clicking on a link from, any email asking for personal information, phishing has proven so effective that one can only conclude that all it takes is for a few phishing emails to make it into a few inboxes before someone gets hooked.

Bill Gates' prediction about spam's demise shows just how tricky it can be to make predictions about technology, but it seems self-evident that both the amount of spam and the dangers it poses will only increase in 2007. Also, the ease with which these crimes can be committed, along with the cash windfalls that can be won by even modest success, means that cyber crime has become a major focus of organized crime.

That is why my company, Message Partners, has never stopped focusing on building one of the most versatile and adaptable email engines available anywhere. We have also continually added to our state-of-the-art weapons to fight spam and viruses and phishing in whatever form they take. As James Joyce, the Director of Plug and Play computers, a major internet service provider in Australia, said, "Without Message Partners our systems and customers would be overloaded with junk email."

At Message Partners, we have never stopped believing that as long as we keep using email, email will keep trying to use us. And as email grows ever more important as a vital form of business communication, that makes choosing the right email platform all that much more essential.

With that said, I want to wish everyone happy holidays. In terms of the security sector, it has been a most challenging year, and it is only going to get more so. I am heading off to Michigan, where I'm from, for the holidays, but will be able to squeeze in a couple of more security blogs before the end of the year (but not until after Christmas).

Leave a comment

Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

Peter Schooff

Peter Schooff is Contributing Editor at ebizQ, and manager of the ebizQ Forum. Contact him at pschooff@techtarget.com

Recently Commented On

Monthly Archives