Hackers use spam spikes to disable email security

gallery

Security experts have noted a new trend in spamming that involves surges of spam sent to individual domains to knock email servers offline, according to a new report.

The findings of the MessageLabs Intelligence Report noted the appearance of sudden spam surges, or "spam spikes". These spikes were also designed to defeat anti-spam appliances that use signatures to weed out unsolicited email.

According to the report, one such attack on a domain lasted 11 hours and 10,000 junk emails was sent by spammers to the domain's email servers.

The report also noted that image spam is changing. Rather than embedding images in the message body of a spam email, spammers are now hosting the image on a number of picture hosting websites that don't require any form of registration to upload image files.

A link to the spam image is then included in the body of the message, either as a link that will display the message when clicked, or included as an HTML image.

According to information gathered by the company, the group that launched this recent attack was also the same group responsible for abusing Imageshack, a popular image hosting site. MessageLabs said that it is difficult for traditional anti-spam methods to guard against these forms of attack.

Experts said that spammers have continued attacks by developing new tactics to "fly under the radar and cause the most damage."

"With the increase in spam spikes and new techniques with image spam, it is crucial for businesses to take a multi-layered security approach among email, web and IM to protect their employees and their systems completely from these malicious attacks," said Mark Sunner, Chief Security Analyst, MessageLabs.

The research found that spam has in fact decreased 3.4 per cent from last month. Spam accounted for 72.7 per cent of all email. Viruses accounted for one in 118 emails, according to figures from the company.

Email to a friend

Print this page