Mountain View, CA, October 17, 2006 – Spam attacks – and in particular image spam and zombie-generated spam – grew during the third quarter of 2006, achieving new heights of 3.5 million attack patterns in a single day. Each attack pattern is typically comprised of tens of thousands of emails.
Image spam increased in number and severity during the quarter, reaching 50% of all spam during its peak distribution time. In the second quarter, it reached a peak of 30% of all spam.
Animated GIF Image Spam: Fatter Than Ever
Image-spammers added new complexity to their wares during the quarter, coming out with animated images distributed on a massive scale for the first time. These animated images are typically comprised of three to seven individual frames that play in repetition, similar to a movie. The main message is in a single frame that appears for the longest time – around 25 seconds – and the other frames contain either subliminal messages (e.g. “buy... buy… buy…”) or random pixels to attempt to fool anti-spam technologies.
Animated image spam typically weighs 44KB, around eight times the size of regular textual spam, which averages around 5.5KB.
Based on Commtouch’s analysis, on average, image-based spam accounts for 20% of all spam. Since it is five to eight times larger than text spam (depending on the type of image), total bandwidth consumption and redundant storage necessitated by spam has more than doubled since the beginning of the year.
“The bandwidth and storage requirements of such resource-intensive spam weighs heavily on most IT organizations,” said Amir Lev, Commtouch’s CTO. “In addition to the sheer size of each individual message, the spam messages are sent in enormous quantities, which can overload an enterprise if it is not using an anti-spam engine that knows how to identify and block them.”
Spammers have also started using images in PNG format, where previously they were using only GIF images. This is another method to try to bypass anti-spam filters.
View Commtouch’s most recent report on image-based spam.
Spam Distribution Networks Growing as Zombies Take Over Home PCs
Zombie networks or ‘botnets’ have grown in size and severity throughout the quarter, as well. Commtouch research also identified hundreds of thousands of newly activated zombie machines each day throughout the third quarter. Zombies are typically compromised home computers with a broadband connection to the Internet. Commtouch research identified that on average, 85% of spam messages sent during the third quarter of 2006 were sent via zombie-infected computers.
“Zombie networks are impossible to block out by traditional ‘blacklisting’ since they are constantly changing,” Mr. Lev commented. “They are like the fireflies of the spam universe – the zombie is born when the computer gets infected by rogue software, but it only remains active for a short time from the same IP address. Only a real-time detection engine can provide effective protection against zombie-generated spam messages.”
What’s All the Spam About?
Spam touting penny stocks has been increasing in the last several quarters due to recent barrages of image-based spam. Stock scams are tailor-made for image-based spam, since they do not require any hyperlinks to spammer web sites, instead simply directing the reader to purchase the stock. Below is the breakdown of the most pervasive content of spam messages for the third quarter of 2006:
|
Pharmaceuticals |
27% |
|
Stock |
18% |
|
Sex Enhancers |
12% |
|
Finance (work from home,mortgage,etc.) |
11% |
|
Gambling |
11% |
|
Pornography |
6% |
|
Other |
15% |
Phishing Increased: Main Targets eBay and Paypal
Phishing, i.e. attempted fraud via email, is rising with the ever-rising tide of spam. Commtouch research shows that during the third quarter, nearly half of all phishing attempts preyed on account holders in eBay or Paypal, divided nearly equally between the two (24% eBay, 24% Paypal).
Phishing email messages typically use social engineering tactics to make the reader believe that they are viewing a legitimate communication from a financial institution. Then users are lured into providing their usernames and passwords by “logging in” to the fictitious site which they access by clicking a hyperlink in the email.
“Regardless of the anti-spam legislation in effect in many countries, we see that the spam problem is getting worse with each passing day,” said Mr. Lev. “Double-digit percentages of image-based spam, enormous zombie spam networks, growth in phishing attempts - all point to the fact that legislation alone can never solve the problem. The answer is rooted in technology-based filtering and blocking.”
Commtouch RPD™ technology for fighting spam and email-borne malware is content-agnostic. Unlike content-based filters, it relies on analyzing distribution patterns of billions of email messages to block phishing attempts and image-based spam effectively.
About Commtouch
Commtouch Software Ltd. (NASDAQ: CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- email. Commtouch has over 15 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam and Zero-Hour virus protection solutions. Using core technologies including RPD (Recurrent Pattern Detection™), the Commtouch Detection Center analyzes billions of email messages per month to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by more than 50 OEM partners, Commtouch technology protects thousands of organizations, with over 50 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Mountain View, CA. For more information, see: www.commtouch.com, including the Commtouch online lab detailing spam statistics and charts.
Recurrent Pattern Detection, RPD and Zero-Hour are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch.
Contact:
Rebecca Steinberg Herson
US: +650-864-2112
Int’l: +972-9-863-6877
rebeccah@commtouch.com
