How Email Marketers Battle Highest Level Of Spam In Two Years

SpamGrrr Marketers responsible for sending email promotions may find it more challenging to keep spam botnets at bay. Spam levels hit 90.4% of all email traffic scanned in June by MessageLabs Intelligence. That's the highest level since 2007, according to Paul Wood, MessageLabs analyst at Symantec.

It puts the highest strain on small and-medium-sized businesses to filter out the garbage. Google, Microsoft and Yahoo shovel money and resources into filtering out spam from Webmail accounts, but Wood says that while 83.2% of spam comes from botnets, between 10% and 15% originates in Webmail accounts.

The Webmail accounts are set up automatically using CAPTCHA-breaking tools to bypass the visual puzzles found on the signup pages of Web sites. But the amount continues to increase in Webmail because it's more difficult for anti-spam software running on computer desktops to identify and differentiate the "bad stuff" from legitimate messages.

HTML-formatted emails loading an image in the content from a remote site also contributed to the increase during the last two months. This means much of the spam now comes from genuine Webmail accounts, rather than accounts that have been spoofed to appear legitimate.

Resilient botnets have become a concern, Wood says. One of the most active botnets, Cutwail, managed to quickly bounce back after several hours of downtime on June 5, following the shutdown of California- based ISP Pricewert by the U.S. Federal Trade Commission earlier that week.

While MessageLabs detected a sudden drop in email Spam levels related to the Cutwail botnet, the decrease was short-lived. In hours, the botnet managed to recover to about one-third of its original capacity. Wood says the botnet literally "healed itself."

MessageLabs has also seen "social engineering" to dress up messages and entice people to click to download malicious malware through music videos. "We didn't see much activity straight away after the death of Michael Jackson because I think it caught the bad guys off guard," Wood says. The spam and malware attacks followed after a few days.

Cutwail and Donbot, a top 5 botnet in size and output, have been responsible for celebrity spamming, but when opening the email it contains the same old pharmaceutical message and image.

A blog post from security firm SophosLabs notes that Michael Jackson breaking news videos distribute malware. The body of the message is in Portuguese, which SophosLabs roughly translated into telling the viewer to click on the video to see unpublished images of Michael Jackson's body. The image contains two links. One takes the person to a .com.au site that asks the person to download the file "Michael.Jackson.videos.scr." This file is detected by Sophos Antivirus as Troj/Dloadr-CPD. The other link takes the user to a YouTube video of Jackson's hit "Thriller."

Next story loading loading..