Americans Ingested Too Much Holiday E-Mail Spam, Survey FindsAmericans Ingested Too Much Holiday E-Mail Spam, Survey Finds
Symantec also sees spammers trying new techniques, such as spamming via bot-net, audio and video spam, and spamming using protocols for IM, SMS, and online games.
December 10, 2007
While Americans celebrated the harvest last month over the Thanksgiving holiday, spammers were busy with a harvest festival of their own: trying to gather new e-mail addresses.
Symantec attributes the 72% increase in overall e-mail traffic in November to a spam surge driven by spammers probing for valid e-mail addresses. "During a harvesting campaign spammers bombard e-mail servers with guessed e-mail addresses," explained Kelly Conley, a manager for Symantec Security Response, on the Symantec blog. "Those that are not rejected are assumed to be valid e-mail addresses and are added to spam lists for future attacks. Symantec estimates that it blocked approximately 35 million of these harvesting e-mails." In its December 2007 spam report, Symantec notes that predictions of the death of spam have been greatly exaggerated. "While Bill Gates' 2004 prediction that spam would be eradicated within two years clearly missed the mark, few expected spam's extraordinary resurgence in 2007," the report states. "Since 2006, spam levels have steadily climbed from 56% of all e-mail to an all-time high of 72% of e-mail in the most recent month's report." The percentage of spam messages varies, depending upon the provider of the statistics. MessageLabs, for example, estimates that the current peak spam rate is 65.4% and that average spam rate recently is 46.1%. But there appears to be consensus that there's more spam sent during the holiday season, just as they're more legitimate marketing. As Symantec observes, spammers are using seasonal hooks -- holiday-themed subject lines -- to trick more people into reading and responding to their messages. The Symantec report observes several broad spamming trends. These include a small decline in image spam, the continued popularity of spam-driven, pump-and-dump stock scams, and the emergence of spam that tries to exploit interest in the 2008 Beijing Olympics. Symantec also sees spammers trying new techniques, such as spamming via bot-net, audio and video spam, and the beginnings of spamming using protocols for IM, SMS, and online games. Despite the refinement and improvement of spamming techniques, individuals remain reasonably well insulated from the spam onslaught, thanks to aggressive filtering and other anti-spam techniques. A May study by the Pew Internet and American Life Project found more spam getting through to people than in the past, but noted that spam was perceived by survey respondents to have less of an impact. The Pew report found that 37% of e-mail users reported an increase in spam in their personal e-mail accounts compared to two years ago, up from 28%, and that 29% of business e-mail users reported an increase in spam from two years ago, up from 21%. It also found that while 25% of e-mail users said spam was a big problem in June 2003, only 18% said as much this year. Yet such sentiment may reflect a false sense of security. In light of the widely noted rise in targeted attacks like spear-phishing, spam may be less of a nuisance overall, but it is decidedly more dangerous. Whereas the spam of yore may have pitched questionable pills, today's spam appears more likely to lead to exposure to malware like Trojan keyloggers or bot software.
About the Author(s)
You May Also Like