New spam tricks revealed

Spammers are jumping on legitimate web sites in order to reach unsuspecting victims

Spammers are increasingly relying on legitimate content and web sites to cloak their messages, attempting to bypass traditional controls by passing their messages off as genuine.

The spammers are using images served from respectable sites such as Flickr to give their messages a veil of authenticity, or are injecting spam into seemingly legitimate messages – such as a Hotmail welcome emails, reported email security firm Commtouch Software.

Commtouch's latest quarterly report on email threat trends identified that spammers are stepping up attempts to bypass traditional content analysis protection. Spammers are using reputable web sites and content to weaken traditional anti-spam protection, said Ido Hadari, director of business development at Commtouch.

Because anti-spam products aim to minimise the number of legitimate messages they flag as spam, spammers are seeking to exploit this by making messages appear authentic.

In one case, Commtouch identified a massive outbreak of spam in January 2008, when 250m spam messages were being pumped out, where the message HTML appeared to be a Hotmail welcome message; anyone opening the message was offered Viagra.

Other tricks include embedding hyperlinks to trustworthy web sites, but which actually redirect users to a spam site. These techniques are also being used to propagate malware, Hadari added.

During the first quarter of 2008, the level of spam accounted for between 60 and 94 per cent of all email traffic, Commtouch reported. During that time, an average of 355,000 new zombies, used to distribute spam, were activated every day.