Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, June 2006

  |  July 21, 2006   |  Comments

Image spam continues to get noticed;

Russian president Vladimir Putin is alive and well, but hackers fabricated a story sent via e-mail in an attempt to distribute and infect recipients with a Trojan horse. This form of distribution of malicious code is what threat management solutions firm Sophos calls a "joe job" meaning "a spam campaign forged to appear as though it came from an innocent party, with the intention of incriminating or pinning blame onto them." In this case, the false e-mail appeared to come from BBC News.

In May, a vulnerability in Yahoo Mail allowed hackers to reach the Web mail users; in June a widespread phishing scam targeted Gmail users. Sophos identified the e-mail announcing a $500 prize, redeemable at what was purported to be a Gmail-related link. The link actually took users to a Tripod-hosted Web site. It cost victims $8.60 to begin a membership in order to collect the "winnings." Additionally, the e-mail offered to pay the reward through PayPal or other electronic accounts, potentially capturing yet more user data.

In a report detailing computer threats in the first six months of the year, the security firm made the recommendation home users to switch from Windows-based systems to Macs due to the dominance of Windows-based threats. In the first half of 2006, distribution of Trojans increased in proportion to viruses. The 2006 ratio is 4:1, compared to 2:1 for the same period last year.

A quicker uptake of threats was observed by McAfee, a firm that serves both home users, businesses, and the public sector. It took 18 years for the company to build a database and provide protection for 100,000 threats, a landmark it reached in September 2004. At the beginning of this month, it the company protects against hit 200,000. That's a 60 percent decrease in the time it took to double the number of threats in the database.

Research firm Evans Data reports a 20 percent drop in security breaches in the Europe/Middle East/Africa (EMEA) region. Twenty-two percent of all breaches are computer viruses including worm and buffer overflow attacks.

Cyber threats like viruses and phishing are advancing from traditional methods to more targeted attacks, according to MessageLabs. Spammers deploy e-mail, Web and IM platforms to strengthen the effectiveness of viruses, spam and spyware. The interconnectivity can make "a harmless looking e-mail quickly become a more serious Web threat," a report said.

Security firms continue to observe the trend of image spam. IronPort was among the first to release details on the trend, but it affects the anti-spam industry across the board.

E-mail isn't blocked from rendering in some e-mail clients because the image is imbedded in the message, according to Postini. If the e-mail contains only an image, spammers can't track open rates as they can with HTML-based e-mail.

"[Spammers] might sneak their message past the spam filters by using an image, and they might also imbed a Web bug, an image that's displayed in the message which they might be able to track," said Andrew Lochart, senior director of marketing at Postini.

Top Five Viruses, June 2006
Virus NameQuantity Blocked
Source: Postini, 2006

Competing firm Commtouch claims image spam causes "bandwidth bloat." Image spam accounts for 30 percent of spam globally on average in a given day. On days when the category reaches distribution peak, the global bandwidth and storage consumed by spam can reach 70 percent.

"Image-based spam pay quickly cause IT resource overload if not dealt with properly," said Dan Yachin, research director of EMEA Emerging Technologies at IDC, in a Commtouch statement. "While textual spam messages cause loss of productivity, image spam messages that are three times their size are a whole different ball game, causing a real bandwidth and storage crisis."

Another emerging trend followed by Kaspersky Lab is the re-emergence of polymorphic scripts (define). While the type of virus code began its life in 1990, virus writers moved away from the technique for a time. They now use the code to push viruses past security measures. In 2005 and 2006, polymorphic code has been implemented in script viruses or worms, which is a new use of the application. Previously, the code was used with browser vulnerabilities and Trojan-downloaders written in script languages. Its most prevalent use was in the LoveLetter worm.

Online Scanner Top 20, June 2006
1Trojan-Spy.Win32.Banker.anv 2.63
6Email-Worm.Win32.Brontok.q 1.10
Other malicious programs78.43
Source: Kaspersky Lab, 2006

ClickZ Live Toronto On the heals of a fantastic event in New York City, ClickZ Live is taking the fun and learning to Toronto, June 23-25. With over 15 years' experience delivering industry-leading events, ClickZ Live offers an action-packed, educationally-focused agenda covering all aspects of digital marketing. Register today!


Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!




Featured White Papers

A Buyer's Guide to Affiliate Management Software

A Buyer's Guide to Affiliate Management Software
Manage your performance marketing with the right solution. Choose a platform that will mutually empower advertisers and media partners!

Google My Business Listings Demystified

Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.



    • Website Optimizer - SEO, CRO, Analytics
      Website Optimizer - SEO, CRO, Analytics (Marcel Digital) - ChicagoMarcel Digital, an award winning interactive marketing agency established in 2003...
    • Director of Marketing
      Director of Marketing (Patron Technology) - New YorkDirector of Marketing We are seeking a Director of Marketing to manage and build our marketing...
    • Senior Interactive Producer
      Senior Interactive Producer (Ready Set Rocket) - New YorkWhat You'll Do As a member of our team, the Senior Producer reports directly to our...