A spam epidemic …
In the past six months, spam has gotten measurably worse. Worldwide, spam volumes have doubled from last year, and unsolicited e-mail now accounts for more than 9 of every 10 emails.
Anti-spam companies fought the scourge successfully, for a time, with a blend of three filtering strategies. Their software scanned each e-mail and evaluated
(1) from whom the message was coming,
(2) what kind of content it contained and
(3) which Web sites the message linked to.
The new breed of spam — call it Spam 2.0 — poses a serious challenge to each of those approaches.
1. SPAM BOTNETS (an internet Typhoid Mary) Spammers have effectively foiled the first strategy — analyzing the reputation of the sender — by conscripting vast networks of computers belonging to users who unknowingly downloaded viruses or spyware. 250,000 new computers are captured and added to these spam “botnets” each day, without the knowledge of their owners. This makes it more difficult for companies to rely on published blacklists of known bulk e-mail distributors.
2. IMAGE SPAM Traditional anti-spam software examines the words in a text message, and through a statistical technique called Bayesian analysis, determines if the words are more likely to signify a legitimate or spam e-mail message. The explosion of IMAGE SPAM this year has largely thwarted that approach. Spammers realized that shifting their words to inside an image could frustrate text filtering.
3. SPAM-LINKED WEB SITES Spammers still have to link to the incriminating Web sites where they sell their disreputable wares, right? Well, not anymore. The most common species of Spam 2.0 are e-mail messages touting penny stocks, part of a scheme that anti-spam researchers call the “pump and dump.” Spammers buy the inexpensive stock of an obscure company and send out messages hyping the shares. They sell their holdings when the gullible masses respond and snap up the stock. No outbound links to another Web site are needed.
Click here to see more Computing Tips from the AmCham webmaster.