A study by Roaring Penguin has discovered that during the past three weeks, the amount of spam originating from Gmail has risen sharply while spam originating from Yahoo and Hotmail remained flat or dipped slightly. Experts say this huge rise in spam is thanks to the cracking of Google’s CAPTCHA system. Spammers came up with an OCR scanner that was smart enough to read it and as a result were able to create large numbers of accounts to spam with.
From June 13th through July 3rd, spam from Google rose from 6.8 percent to 27 percent. Aside from the successful CAPTCHA cracking, spammers also find Google attractive because of their strong reputation, which makes it highly unlikely the gmail.com domain would ever be blacklisted. Google’s response to the study was rather weak:
We expect spammers to use every means possible to try to send spam. That’s why we have a robust spam-fighting effort at Google. We disable these accounts immediately and will continue to do so.
Simply changing their CAPTCHA won’t be enough. Google needs to take a hard look at it’s sign up process and outgoing mail and come up with better filtering and verification features. Until then, the spammers will have the advantage.