Sponsored By

Spammers Up To New Tricks

Salesforce.com users are targets of a phishing attack that employs malware disguised as Salesforce's Identity Confirmation feature. It's just one of several new techniques being used by spammers.

John Foley

January 10, 2008

2 Min Read

Salesforce.com users are targets of a phishing attack that employs malware disguised as Salesforce's Identity Confirmation feature. It's just one of several new techniques being used by spammers.Barracuda Networks describes the Salesforce attack as being similar in nature to phishing scams that try to dupe bank customers into giving their passwords. What's noteworthy about this one is that spammers are using a security feature -- Salesforce Identity Confirmation -- that's intended to protect users from this very thing.

"Because of its clever design, unsuspecting Saleforce.com users may inadvertently install the malware," Barracuda warned yesterday. The vendor has tuned its Spam Firewall with countermeasures to block the attack.

Spammers regularly change tactics in an attempt to outwit products designed to block their junk mail and phishing attacks. Among their new tricks: Mini messages that use brevity to slip through firewalls and blank messages that have no subject line or content.

Barracuda CEO Dean Drako says very short messages of only a few words are one of the latest trends identified by Barracuda's engineers. "Because there's less content, it's harder to filter," he says.

In many cases, these mini spams contain URLs that serve as bait to unsuspecting users. Barracuda runs "intent analysis" against the links in effort to identify and block the stuff. Sophisticated spammers know they're being watched for this type of thing, and use free Web hosting sites or shorten URL sites to redirect users to their spam sites. Barracuda employs "multilevel intent analysis" in an attempt to figure this out. The cat-and-mouse game goes on.

I generally ignore the Barracuda spam quarantine that holds junk messages directed at me. But in checking it a few times in recent days, I found a dozen or so spam messages that have no subject line or message at all. "We are seeing some of this, too," Barracuda says. I assume the idea behind these messages is to get curious recipients to reply in some way. Barracuda chalks it up to "just another tactic" used to get past the spam firewall.

Barracuda estimates that 90% to 95% of all e-mail is spam. We don't see most of that because filters from Barracuda and other vendors screen it out. My next posting will be about a form of spam that gets delivered: unwanted e-mail coming from legitimate sources.

About the Author(s)

John Foley

Editor, InformationWeek

John Foley is director, strategic communications, for Oracle Corp. and a former editor of InformationWeek Government.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights