How Spammers are Sidestepping Traditional Countermeasures

When spam levels dropped a few months ago, people began wondering whether spam was finally going to meet its end. Of course, most people realized that the lulls in spammer activity weren’t because spammers were getting bored with their business; instead, they were the result of botnet takedowns and anti-spam filters using better technologies to stop them.

But anything as profitable as computer-based crime isn’t going to stop when the going gets tough. Spammers have faced challenges before and usually come back with new tactics to spread their junk mail and malware-enhanced messages to their victims. Now, we are starting to see some of the changes they have made.

Compromised Web Hosts

In the past, spammers used armies of compromised desktops to send spam. These botnets ranged in size from 10,000 computers to 30 million. While effective, they drew a great deal of attention to themselves and efforts were made to shut them down and filter email messages that were sent by them. So the spammers stepped it up a notch.

Instead of compromising the desktop, the bad guys started going after web hosts. Web hosts offer attackers a much easier target, because so many sites are set up each day using web applications that give the bad guys a way to compromise the site and use the host to send spam. As Malcolm James reports in the post above, spam sent from these hosts is almost four times more likely to bypass anti-spam filters than other types of spam.

Good Spelling and Good Grammar

For a while, phishing and spam emails were easy to spot because there were many spelling and grammatical mistakes. While many of these errors came as a result of non-native English speakers writing these emails, there were many that were intentional, meant to bypass anti-spam filters that relied only on keywords to stop malicious emails before they made it to a victim’s inbox.

Because these mistakes gave potential victims clues that the email wasn’t legitimate, advanced attackers have taken measures to ensure that their messages are devoid of glaring mistakes. They have countered some of the red flags that are keyword based by sending fewer, but more targeted, emails to their victims instead of blanketing as many email addresses as possible.
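The weakness of keyword-only filtering described above can be seen by comparing an exact keyword match with one that normalizes the text first. This is an added example, not part of the original post; the keyword list, character swaps, threshold and sample subjects are constructed assumptions.

```python
import re
import unicodedata
from difflib import SequenceMatcher

# Constructed keyword list, for illustration only.
KEYWORDS = {"pharmacy", "casino", "dating"}
# Character swaps commonly used to dodge exact keyword matches (assumed set).
SWAPS = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                       "5": "s", "@": "a", "$": "s"})

def keyword_only(text):
    """Filter that relies only on exact, case-insensitive keywords."""
    words = set(re.findall(r"[a-z]+", text.lower()))
    return sorted(words & KEYWORDS)

def normalize(text):
    """Strip accents, undo character swaps, rejoin letters split by punctuation."""
    text = unicodedata.normalize("NFKD", text)
    text = "".join(c for c in text if not unicodedata.combining(c))
    text = text.lower().translate(SWAPS)
    # "c.a.s.i.n.o" -> "casino": drop separators between single letters.
    return re.sub(r"(?<=\b[a-z])[.\-*](?=[a-z]\b)", "", text)

def normalized_match(text, threshold=0.85):
    """Match keywords after normalization, tolerating small misspellings."""
    hits = set()
    for token in re.findall(r"[a-z]+", normalize(text)):
        for kw in KEYWORDS:
            close = (abs(len(token) - len(kw)) <= 2 and
                     SequenceMatcher(None, token, kw).ratio() >= threshold)
            if token == kw or close:
                hits.add(kw)
    return sorted(hits)

# Constructed sample subject lines.
SAMPLES = [
    "Cheap ph4rmacy deals",
    "Online c.a.s.i.n.o bonus",
    "Best pharmcy prices",
    "Onl\u00edne d\u00e1ting",
    "Quarterly budget meeting moved to Friday",
]

if __name__ == "__main__":
    for subject in SAMPLES:
        print(subject, keyword_only(subject), normalized_match(subject))
```
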

Links to Bad Neighborhoods

Malicious emails were, for a long time, focused on marketing products like pharmaceuticals, casinos and online dating services. While emails are still used to promote products, malicious links are starting to be the favorite payload for cyber criminals.

Because it avoids the simple attachment scanning that some anti-spam solutions rely on, an email that contains only a link looks harmless to both the technical controls and the recipient. The link, however, doesn’t always take you to a safe place. Attackers, instead of attaching a malicious file to the email, have taken to using links that send potential victims to a web site that exploits the browser and downloads the malware to the computer. This is known as a drive-by download, and the victim is rarely aware that their computer has been infected until it is too late.
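The gap left by attachment-only scanning, shown on a message that has no attachment but carries a link in each body part. This is an added example, not part of the original post; the message, addresses and host names are constructed, and the extracted hosts would be passed to whatever URL reputation check the mail gateway uses.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message: no attachment, one link in each body part.
RAW = """\
From: billing@example.com
Subject: Invoice
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

View your invoice: http://downloads.example.net/inv?id=7
--b1
Content-Type: text/html; charset="utf-8"

<p>View your <a href="http://downloads.example.net/inv?id=7">invoice</a></p>
--b1--
"""

class HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        # Keep the target of every <a href="..."> in the HTML body.
        if tag == "a":
            self.urls += [v for k, v in attrs if k == "href" and v]

def attachment_names(msg):
    """Everything an attachment-only scanner would inspect."""
    return [p.get_filename() for p in msg.walk() if p.is_attachment()]

def link_hosts(msg):
    """Hosts referenced by links in any text part, for reputation lookup."""
    urls = set()
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = part.get_content()
        if part.get_content_subtype() == "html":
            collector = HrefCollector()
            collector.feed(body)
            urls.update(collector.urls)
        else:
            urls.update(re.findall(r"https?://[^\s<>\"']+", body))
    return sorted({urlsplit(u).hostname for u in urls if urlsplit(u).hostname})

MSG = message_from_string(RAW, policy=policy.default)
```
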

Different Flavors of Spam

Email spam isn’t the only type of spam that is sent nowadays. Scammers have realized that organizations that use reliable anti-spam filters are difficult to exploit, so they have gone down some different paths.

Sending spam through social networks, text messages (SMS) and comment systems has become a fallback for many cyber criminals who don’t have the skills or funds to bypass advanced technical solutions. Luckily, some anti-spam solutions provide controls to help prevent these types of spam as well. Coupled with good education, organizations that use these solutions are doing extremely well in fighting spam.

Spam continues to be a real threat to consumers and businesses because the threat landscape continues to evolve. As spammers continue to get trickier and more dangerous, it is more important than ever to make sure that your organization is doing everything in its power to minimize the chance of you and your co-workers being victimized by such an attack.

Written by Jeff

4 Comments

  1. Cass · July 13, 2013

    To me, it’s obvious the war with spam can’t be won. The only thing we can achieve is to try to minimize the damage. Unfortunately, we just need to take it for granted that in one form or another spam will always exist and exercise utmost caution not to become an easy victim.

  2. Jermaine · July 30, 2013

    The list only proves one thing to me: it’s not going to be stopped ever. I think that’s something I should try to accept from now on. What I can’t is the lack of action. But I understand. It’s not that easy to upgrade a software or a process to catch new breeds of spam. It’s a lot easier to create than destroy spam.

  3. Honey · July 30, 2013

    Bad grammar and spelling used to be a major characteristic of spam. As soon as one saw an erroneously constructed email, he or she would begin suspecting that it was spam. It made spam detection a little easier. Nowadays, there are still pharmacy emails, but they’re better constructed with proper grammar and spelling.

    The popularity of social media adds a lot of burden in the fight against scam because they are easy targets of fraud. It seems like the battle against spam still has a long way to go. There’s no end in sight yet, but I believe that awareness can help a lot in protecting individuals and companies.

  4. Jeff · July 30, 2013

    Spam is a reality that we are going to have to deal with, and you are right, it will never stop. But putting the right technical controls in place will greatly reduce the amount of spam that makes it into your inbox. And management doesn’t have to be difficult. There are solutions that realize not everyone has an individual dedicated to, and certified in, their particular product. These solutions built for SMEs make it much easier to upgrade and manage so zero-day threats are better contained.
