Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, June 2006

  |  July 21, 2006   |  Comments

Image spam continues to get noticed;

Russian president Vladimir Putin is alive and well, but hackers fabricated a story sent via e-mail in an attempt to distribute and infect recipients with a Trojan horse. This form of distribution of malicious code is what threat management solutions firm Sophos calls a "joe job" meaning "a spam campaign forged to appear as though it came from an innocent party, with the intention of incriminating or pinning blame onto them." In this case, the false e-mail appeared to come from BBC News.

In May, a vulnerability in Yahoo Mail allowed hackers to reach the Web mail users; in June a widespread phishing scam targeted Gmail users. Sophos identified the e-mail announcing a $500 prize, redeemable at what was purported to be a Gmail-related link. The link actually took users to a Tripod-hosted Web site. It cost victims $8.60 to begin a membership in order to collect the "winnings." Additionally, the e-mail offered to pay the reward through PayPal or other electronic accounts, potentially capturing yet more user data.

In a report detailing computer threats in the first six months of the year, the security firm made the recommendation home users to switch from Windows-based systems to Macs due to the dominance of Windows-based threats. In the first half of 2006, distribution of Trojans increased in proportion to viruses. The 2006 ratio is 4:1, compared to 2:1 for the same period last year.

A quicker uptake of threats was observed by McAfee, a firm that serves both home users, businesses, and the public sector. It took 18 years for the company to build a database and provide protection for 100,000 threats, a landmark it reached in September 2004. At the beginning of this month, it the company protects against hit 200,000. That's a 60 percent decrease in the time it took to double the number of threats in the database.

Research firm Evans Data reports a 20 percent drop in security breaches in the Europe/Middle East/Africa (EMEA) region. Twenty-two percent of all breaches are computer viruses including worm and buffer overflow attacks.

Cyber threats like viruses and phishing are advancing from traditional methods to more targeted attacks, according to MessageLabs. Spammers deploy e-mail, Web and IM platforms to strengthen the effectiveness of viruses, spam and spyware. The interconnectivity can make "a harmless looking e-mail quickly become a more serious Web threat," a report said.

Security firms continue to observe the trend of image spam. IronPort was among the first to release details on the trend, but it affects the anti-spam industry across the board.

E-mail isn't blocked from rendering in some e-mail clients because the image is imbedded in the message, according to Postini. If the e-mail contains only an image, spammers can't track open rates as they can with HTML-based e-mail.

"[Spammers] might sneak their message past the spam filters by using an image, and they might also imbed a Web bug, an image that's displayed in the message which they might be able to track," said Andrew Lochart, senior director of marketing at Postini.

Top Five Viruses, June 2006
Virus NameQuantity Blocked
Source: Postini, 2006

Competing firm Commtouch claims image spam causes "bandwidth bloat." Image spam accounts for 30 percent of spam globally on average in a given day. On days when the category reaches distribution peak, the global bandwidth and storage consumed by spam can reach 70 percent.

"Image-based spam pay quickly cause IT resource overload if not dealt with properly," said Dan Yachin, research director of EMEA Emerging Technologies at IDC, in a Commtouch statement. "While textual spam messages cause loss of productivity, image spam messages that are three times their size are a whole different ball game, causing a real bandwidth and storage crisis."

Another emerging trend followed by Kaspersky Lab is the re-emergence of polymorphic scripts (define). While the type of virus code began its life in 1990, virus writers moved away from the technique for a time. They now use the code to push viruses past security measures. In 2005 and 2006, polymorphic code has been implemented in script viruses or worms, which is a new use of the application. Previously, the code was used with browser vulnerabilities and Trojan-downloaders written in script languages. Its most prevalent use was in the LoveLetter worm.

Online Scanner Top 20, June 2006
1Trojan-Spy.Win32.Banker.anv 2.63
6Email-Worm.Win32.Brontok.q 1.10
Other malicious programs78.43
Source: Kaspersky Lab, 2006

ClickZ Live Chicago Join the Industry's Leading eCommerce & Direct Marketing Experts in Chicago
ClickZ Live Chicago (Nov 3-6) will deliver over 50 sessions across 4 days and 10 individual tracks, including Data-Driven Marketing, Social, Mobile, Display, Search and Email. Check out the full agenda and register by Friday, Oct 3 to take advantage of Early Bird Rates!


Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!



Featured White Papers

IBM: Social Analytics - The Science Behind Social Media Marketing

IBM Social Analytics: The Science Behind Social Media Marketing
80% of internet users say they prefer to connect with brands via Facebook. 65% of social media users say they use it to learn more about brands, products and services. Learn about how to find more about customers' attitudes, preferences and buying habits from what they say on social media channels.

An Introduction to Marketing Attribution: Selecting the Right Model for Search, Display & Social Advertising

An Introduction to Marketing Attribution: Selecting the Right Model for Search, Display & Social Advertising
If you're considering implementing a marketing attribution model to measure and optimize your programs, this paper is a great introduction. It also includes real-life tips from marketers who have successfully implemented attribution in their organizations.


    • Tier 1 Support Specialist
      Tier 1 Support Specialist (Agora Inc.) - BaltimoreThis position requires a highly motivated and multifaceted individual to contribute to and be...
    • Recent Grads: Customer Service Representative
      Recent Grads: Customer Service Representative (Agora Financial) - BaltimoreAgora Financial, one of the nation's largest independent publishers...
    • Managing Editor
      Managing Editor (Common Sense Publishing) - BaltimoreWE’RE HIRING: WE NEED AN AMAZING EDITOR TO POLISH WORLD-CLASS CONTENT   The Palm...