Sophos finds a new spam-related webpage on average every 3 seconds - 23,300 each day. This calculation includes pages registered on “freeweb” sites, such as Blogspot, Geocities, etc. Sophos predicts this number will increase so long as its authors are making money from such ruses. By ensuring that spam messages are quarantined and not delivered to the recipient, businesses can not only save time and money, they can also help protect their users from emails linking to infected sites.
In an attempt to defeat sender reputation-based filters, the spammers who relied heavily on botnets are trying to abuse free webmail services, such as Hotmail, AOL AIM and Gmail. A recent and notable spam campaign using this technique was “Canadian Farmacy”. Some of their campaigns were exclusively sent from webmail accounts. Experts believe that the rise in webmail spam might be related to spammers having bypassed CAPTCHA techniques – a challenge response test used to determine that the user is human.
The Dirty Dozen chart shows that the US has decreased its contribution to the spam problem, relaying only 15 percent of spam, compared to one fifth in 2007.
Sophos experts are also monitoring a large number of Chinese, domains that are being promoted by spam campaigns. Interestingly, there is a 2008 promotion inviting people to register .CN domains for a mere 1 Yuan (USD 14 cents).13 Such a low cost is attractive to spammers, as they can register hundreds of new domains and rotate them every few minutes during a spam run in order to bypass spam filters that use URL blocklists.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.