Spam Soars In 1Q, Small Businesses Under Fire

Despite a small dip in March, the year's first quarter saw spam levels spike, slamming small and midsize businesses.

MessageLabs, a messaging and Web security company out of New York, released a report Monday showing that spam levels jumped 76.3% in the first quarter of 2007. And that's despite a 2.6% drop in March from the month before.

Who's mainly getting pummeled? It's the small and medium-sized businesses that are taking the brunt of the unsolicited bulk e-mail barrage, since they get more than double the spam volume as large enterprises, according to MessageLab analysts.

It's not that smaller businesses are being targeted per se. The problem, the report said, is that large enterprises have more technology in place to ward off the spam assault, while smaller businesses are overwhelmed with the sheer volume of the problem.

"Today, spam is considered a side effect of e-mail," said Mark Sunner, chief security analyst at MessageLabs. "The majority of small businesses view spam as an ongoing irritation rather than a real threat and have given up on dealing with the issue, only to find that bad guys target them even more aggressively. If the first-quarter data tells us anything, it's that malicious activity in the form of spam will only continue on an upward trend."

MessageLabs' report also noted that techniques adopted by spammers have become increasingly more sophisticated, and that means the spam assault will continue at similar levels in the coming months.

Phishing activity accounted for 70.8% of the malware threats this quarter, for example, an increase of 8.6% on the previous quarter, the study reported. In early 2007, "do-it-yourself" phishing kits became more available and easier to obtain online.

Last week, security company Sophos warned IT managers and Webmasters that spammers are hijacking legitimate Web sites to disguise their traffic and throw off anti-spam and antivirus filters. Using PHP vulnerabilities, they're hacking into various Web sites and patching their own traffic through them. That makes it more difficult for anti-spam software and filters that are designed to block links to known spammers' sites.