« When CEOs Spam | Main | Spam Filter Gone Wild »

Most of you are probably familiar with the storm worm, which I blogged about here, and was one of the new generation of spam that, by adopting often alarming subject lines like deadly storms in Europe, are socially engineered to evoke immediate fear, and therefore bypassing people’s natural skepticism to opening unwanted email in order to infect computers with malicious software.

According to a recent report from Search Security, the Storm Worm is now bypassing many of the current spam and virus filters because it is now coming loaded with a PDF attachment. As this is a new approach, and the fact that so many businesses utilize PDF attachments, many of the spam and virus filters are being forced to quickly develop technology that can tell the difference between legitimate and spam PDF files.

While this new wave of spam is mainly being used to carry advertisements, experts worry that they could soon by carrying a much deadlier payload in the future. This could include code that could open computers up to remote operation and help build bigger botnets.

This change was also noted in a recent study by Commtouch, which found that PDF attachments have spiked in the last week and now account for 10-15% of all spam, and because PDF attachments tend to be 4 times larger, has resulted in an overall increase in spam traffic of 30 to 40 percent.

The current version of the storm warms attempts to represent itself as a greeting card from a family member, hoping to entice recipients into visiting a malicious website. The worm also recently used the 4th of July greeting as a possible enticement.

IT departments should make sure that their spam filters have PDF capability and should warn all employees to be suspicious of questionable PDFs from unknown senders.

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2127