Computer users are getting spam this holiday season – whether they are naughty or nice.
The number of annoying and often dangerous e-mail messages has risen drastically in recent months and is getting a boost now because of holiday marketing.
“In the last 60 to 120 days, there’s been another spike, just in time for the holiday season,” said Rob Fleischman, chief technology officer of Simplicita, a Denver-based company that works to stop spam.
He said “botnets” – computers controlled by malicious software that has taken them over to send spam – are sending out messages that are harder for traditional filters and security programs to catch.
Many of those messages are image spam, a new breed of tough-to-detect spam that consists of text embedded in a picture. More traditional spam filters detect spam by keying on certain phrases, but image spam outsmarts them because the filters can’t read the words.
MX Logic, a Denver company that monitors and filters e-mail for business, said spam accounted for 88 percent of messages filtered through its threat center last week. That number was up from 80 percent for October and 77 percent in September.
“There’s been a mass increase in e-mail volume in the last six to eight months,” said Sam Masiello, director of threat management for MX Logic. “We’ve seen a 500 percent increase in total mail volume, and it’s mostly spam.”
One worm responsible for the bulk of new image-based spam is the Warezov or Stration worm, Masiello said. A worm is a type of virus that automatically spreads among PCs and replicates itself, sending out thousands of copies.
Despite best efforts to stop the spread of the Warezov worm with updates to filters and anti-virus software, spammers have come up with new variants of the worm to bypass the updates.
“Tricking users continues at a rapid pace. This is going to be harder and harder to protect yourself against,” said David Moll, chief executive of Boulder-based Webroot Software Inc., maker of anti-spyware software Spy Sweeper. “I don’t think there’s ever going to be a way we’re going to eliminate vulnerabilities completely.”
The nature of spam has evolved from annoying advertisements to fraudulent messages purportedly from retailers or financial institutions trying to get users to enter account or credit-card information. While many people have learned to avoid these so-called phishing attempts, new botnet and worm attacks focus on monitoring keystrokes to get personal information for financial gain.
“Spammers have gone from being one person to organizations. It’s looking like organized crime is behind it,” Moll said. “We’ve seen some pretty sophisticated things that are the work of collective groups of technically sophisticated people.”
ManiaTV, a live, Denver- based online TV network, said it is successfully blocking most spam coming to employees’ e-mail accounts, but now it’s getting so-called “comment spam,” which is spam automatically posted to message boards.
There’s also the issue of “video spam” in which people upload malicious files as video clips to the ManiaTV website, said ManiaTV chief operating officer Peter Haskins.
“There’s not a lot of technology out there on the video front that can figure out what a video is,” he said. “It’s a significant operational issue for a business like ManiaTV.”
Online retailers are working to stay above the fray when it comes to spam.
At Greenwood Village-based eBags, an online retailer of handbags and luggage, the company lets customers subscribe to updates on particular brands of bags they like, and customers have to feel comfortable that the updates are legitimate.
“It’s definitely something we have to deal with, something we have to monitor,” said Brittany Ancell, an eBags spokeswoman. “But it’s something we’ve overcome. It’s on our radar.”
While spam rates may subside after the holidays, there are new threats that will appear in coming months, experts say.
Among them, more spam to cellphones and smart phones – such as Blackberrys and Treos – and to digital phone or Voice over Internet Protocol networks, which hackers could use to make international phone calls billed to someone else’s phone.
“It’s starting to become a hotter topic,” Masiello said. “Security is going to be one of the standard things asked or pitched by salesmen. That’s one of the things they’re going to have to offer.”
Spam, spam, spam, spam: Unlovely spam ruining your cyberlife? Sound off about it in West Watch. denverpost.com
Staff writer Kimberly S. Johnson can be reached at 303-954-1088 or kjohnson@denverpost.com.
Para leer este artículo en español, vaya a denverpost.com/aldia
Dodging the landmines in cyberspace
Experts say there are ways people can lessen the probability of being a victim of malicious spam attacks:
Sources: Simplicita Software Inc. and MX Logic
