SpaMP3 Floods the Net - InformationWeek
Business & Finance
01:44 PM
Connect Directly

SpaMP3 Floods the Net

MP3 audio spam pitching a company called Exit Only is flooding the Internet, say security firms.

What do you get when you cross spam with MP3 files? The answer, as people have been discovering since August of last year when this unhappy hybrid first appeared, is mass mailed MP3 audio spam, or spaMP3.

Starting at 21:24 GMT Wednesday evening, according to security firm Commtouch, a torrent of new spaMP3 flooded the Internet. The spam messages, which contain short MP3 audio attachments pitching the stock of a company called Exit Only, have accounted for 7% to 10% of all spam globally over the past 18 hours.

Typically, the idea in such a "pump-and-dump" scheme is to prompt people to buy the stock, causing the stock price to rise. Those originating the spam mailing can then sell shares they own at an inflated price, making a profit in the process.

As of 18:00 GMT on Thursday, Exit Only's stock was up about 2.5%.

Like image-based spam, spaMP3 messages are more of a burden to e-mail servers than text-based spam because of their large size -- 85 Kbytes on average.

Commtouch notes that the sound quality of the recordings is very poor because they're recorded at a bitrate of 16 Kbps and a sample rate of 11 KHz, at an average length of 30 seconds. The spaMP3 messages are also highly randomized to avoid being caught by filters.

Kaspersky Lab, which claims to have first detected the outbreak, says that the incident represents the first mass mailing of MP3 spam.

"Users often send each other short audio files with funny recordings -- it seems as though spammers are banking on the fact that users think these files are worth listening to," said Andrey Nikishin, director of Kaspersky Lab's IT security outsourcing operation, in a statement. "A user gets an MP3 file and thinks it's going to be something funny or interesting, so they'll open it. But the spammers are limited in the size of recording they can send, which is why the quality of the recording is very bad. We probably will see more MP3 mass mailings, but they won't have any real effect on our spam statistics."

In its E-mail Threats Trend Report for the third quarter of 2007, released on Tuesday, Commtouch said that global spam levels had reached an all-time high of 95% of all e-mail messages during the quarter.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll