MP3 audio spam pitching a company called Exit Only is flooding the Internet, say security firms.
What do you get when you cross spam with MP3 files? The answer, as people have been discovering since August of last year when this unhappy hybrid first appeared, is mass mailed MP3 audio spam, or spaMP3.
Starting at 21:24 GMT Wednesday evening, according to security firm Commtouch, a torrent of new spaMP3 flooded the Internet. The spam messages, which contain short MP3 audio attachments pitching the stock of a company called Exit Only, have accounted for 7% to 10% of all spam globally over the past 18 hours.
Typically, the idea in such a "pump-and-dump" scheme is to prompt people to buy the stock, causing the stock price to rise. Those originating the spam mailing can then sell shares they own at an inflated price, making a profit in the process.
As of 18:00 GMT on Thursday, Exit Only's stock was up about 2.5%.
Like image-based spam, spaMP3 messages are more of a burden to e-mail servers than text-based spam because of their large size -- 85 Kbytes on average.
Commtouch notes that the sound quality of the recordings is very poor because they're recorded at a bitrate of 16 Kbps and a sample rate of 11 KHz, at an average length of 30 seconds. The spaMP3 messages are also highly randomized to avoid being caught by filters.
Kaspersky Lab, which claims to have first detected the outbreak, says that the incident represents the first mass mailing of MP3 spam.
"Users often send each other short audio files with funny recordings -- it seems as though spammers are banking on the fact that users think these files are worth listening to," said Andrey Nikishin, director of Kaspersky Lab's IT security outsourcing operation, in a statement. "A user gets an MP3 file and thinks it's going to be something funny or interesting, so they'll open it. But the spammers are limited in the size of recording they can send, which is why the quality of the recording is very bad. We probably will see more MP3 mass mailings, but they won't have any real effect on our spam statistics."
In its E-mail Threats Trend Report for the third quarter of 2007, released on Tuesday, Commtouch said that global spam levels had reached an all-time high of 95% of all e-mail messages during the quarter.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.