IronPort research suggests 2006 was the year of spam
This year spam returned, according to research released by IronPort Systems, a gateway security provider.
Its volumes swelled in 2006, driven by advanced image-based spam, which is typically 10 times larger than text spam. As a result, digital data transferred more than tripled.
IronPort forecasts that this spam surge will continue in 2007, putting strain on global e-mail infrastructure and causing disruptions in legitimate e-mail delivery.
The research points out that virus writers have shifted from the mass-mailer tactics of previous years to stealthier attacks embedded in office documents and with highly polymorphic outbreaks.
Virus writers have found new ways to deliver a steadily increasing array of harmful code, such as key loggers and system monitors.
Internet Explorer vulnerabilities allow malware code to transmit undetected by the end user. Malware authors developed effective spam and phishing techniques to drive traffic to infected sites, resulting in desktop infection rates of more than 50 percent in corporations worldwide.
Here are some other key findings of the report:
- Elite spam groups have established an elaborate infrastructure that spans the globe. In many cases delivering billions of spam messages from 100,000 different servers in as many as 120 different countries.
- Spam categories keep evolving to fool end-users.
- Pharmaceutical spam and "stock scam" spam are the most widely sent types of spam today. In 2006 "stock scams" surged from less than 10 percent of spam in 2005 to more than 30 percent in 2006.
- Rapid-outbreak spam attacks have increased in frequency.
- Spammers are adopting techniques used by virus writers for years, developing new strains or variants of spam. They send out a very limited trial quantity to see how effective the new strain is against spam filters. Once spammers are confident that they have created a content set that will get through most spam filters, they will launch a very large-scale attack.
A typical spam attack
- Now involves billions of messages using very sophisticated randomization techniques.
- Most attacks are believed to be coming from groups with links to organized crime.
- More than 80 percent of spam is sent from zombies.
- The average life span of a zombie in 2006 was less than 30 days.