Spammers use images to avoid spam filters
Chicago (IL) - Security software firm Sophos has published an updated version of its "dirty dozen" list of spam relaying countries. Among the main trends during the second quarter are image files that are used by spammers to dodge spam filters and a potential roadblock for the U.S. to reduce the amount of spam messages.
For the first time in more than two years, Sophos said that did not recognize a quarter-over-quarter decrease in spam messages originating from the U.S. Sophos estimates that about 23.2% of all spam is relayed through the US, followed by China with 20.0% and South Korea with 7.5%. The company believes that the impact of the CAN-SPAM legislation, which has resulted in huge fines and numerous arrests, may be limited at this time: "It's hard to criticize the US for failing to take action," said Graham Cluley, senior technology consultant at Sophos. "Perhaps the reality is that the statistics can't be reduced any further unless US home users take action to secure their computers and put a halt to the zombie PC problem."
In fact, Sophos found that "the vast majority of this spam is relayed by 'zombies', also known as botnet computers, hijacked by Trojan horses, worms and viruses under the control of hackers." While Asia accounts for more spam than any other continent, spam relaying in Europe continues to become more prevalent, Sophos said. In Q1 2006, 25% of the world's spam was sent out from European countries. In Q2, that number climbed to 27.1%, Sophos estimates. According to the ranking, Europe now distributes more spam than North America.
Spammers do not only improve their infrastructure, but continuously come up with new ideas how to get around spam filters. A simple but very effective method appears to be the use of pixel-based images in emails, which cannot be identified as spam by spam filters that rely on the analysis of textual spam content. Sophos said that spam containing embedded images has risen sharply from 18.2% in January to 35.9% in June.
There's also a key trend in spam content: According to Sophos, 15% of all spam emails are now "pump-and-dump" scams, compared to just 0.8% in January 2005. Such scams are generally used to boost the value of a company's stock in order for spammers to take home a quick profit.