Recession Spurs Search Engine Spammers
Search engine spam has resurfaced with a new twist. This time, the email message focuses on the recession, and provides a link to a search engine.
But unlike the spam message reported by MessageLabs Intelligence in January 2008, this message does not use an automatic redirect link, nor does it search for keywords in hopes that the spammer's site appears in the first listing of the search query. Instead, it searches for the spammer's domain.
The technique allows spammers to include a link in the email constructed from a search engine query. Eliminating the URL in the body of the email message makes it difficult for anti-spam applications to detect. Plus, the link leads the person to the spammer's Web site.
"The spammers use the search engine similar to a landing page," said Paul Wood, MessageLabs intelligence analyst, Symantec. "This time, spammers relying on the search engine are not indexing the site, which is quite different from how they did it in the past."
Last year, MessageLabs, a division of antivirus software maker Symantec, reported that search engine spam rose to 17% of all spam in January 2008, making this a trend to watch as the recession continues to impact businesses this year. The good news is spam declined 1.3% to 73.3% in February 2009, sequentially. Malware-infected emails in the same month also declined, by 0.06% to one in 309.4.
The bad news is that this technique to direct people from search engines to annoying domains that sell fake Gucci watches and purses could become more than an annoyance. The spam emails could easily send people to sites hiding Web-based malware.
And by the time the searcher reaches the infected site it would be too late. The search engine would need to catch the malicious code before directing the searcher to the site. Sometimes it only takes a click to download a piece of infected code from a botnet, Wood said.
Aside from spam emails and search engine redirects, another trend to watch focuses on CAPTCHAs, the safeguard aimed at reducing spam that Web sites rely on to differentiate between computers and humans. The spammers take the provided image, analyze, and spit out the results, feeding the information back to the Web site to create fake accounts for social networking sites, for example.
Wood expects to see new forms of CAPTCHAs that include animation or questions. For example, an image might show three dogs and a cat and ask the site visitor to choose the box that contains the like animals.