By Derek Iwasiuk
November 17, 2006
Inc., the industry leading provider of e-mail security and spam
filtering solutions, announces new sophisticated spammer tricks are
thwarting spam filters.
By industry estimates, spam has dramatically risen by more than 50% in
just the two months since September 2006. More significantly, it is not
just more of the same old spam, but radically new methods that are
challenging, and in many cases defeating existing anti-spam systems.
This has emboldened spammers as perhaps never before, and as a result,
nearly all inboxes have seen a sharp increase in spam.
In the new type of "image spam", the image in each spam message is
altered with randomized pixels to defeat image checksums; even the
image size is randomized, as is the text. Image spam was initially seen
in penny stock spams, but due to their success in defeating anti-spam
systems, they are now pitching "the usual" products.
Most anti-spam systems rely heavily on IP Reputation or IP Blacklists
which accept email from trusted mail servers, e.g. from legitimate
companies, and block emails from known spam sources. A new spam trick
is to not send the spam directly to the intended recipient, but to
bounce it off the mail server at a legitimate company. This is done by
forging the To: and From: fields and finding mail servers that bounce
the entire email message. The recipient then receives a
"Non-deliverable" email message, and when opened, sees the spam. Since
the spam came from a legitimate company's mail server, it is difficult
for an IP-based anti-spam system to block without also blocking
legitimate emails from that company.
Further complicating things, some spammers have already used both
methods - bouncing highly randomized image spam off of legitimate mail
servers. After receiving such spam, many users have mistakenly accused
innocent victims of sending the spam.
One of the few anti-spam systems that has kept up with these new
spammer tricks is SpamStopsHere.com. According to the President, Ted
Green, "We don't rely much on IP address reputation, but instead fully
scan each email message for the "Click me" links found in traditional,
non-image spam. It doesn't matter if it is sent directly or is bounced,
we block it". To block image spam, SpamStopsHere analyzes all emails
containing images coming to its thousands of customers and
automatically determines the "template" from which an image spam is
randomized. Once confirmed by its 24/7 technical staff, all image spams
matching a known template are blocked. SpamStopsHere blocks over 99% of
traditional spam and 98% of image spam, while keeping mistakes with
legitimate email to a minuscule 1 in 100,000.
These new and ever more sophisticated spamming methods have fueled an
explosion in phishing attacks and financial/home-business scams.
Businesses can no longer protect their networks and their employees
from cyber threats using inferior mass-market solutions. Businesses
must arm themselves with the best security technology to protect their
staff and assets.
About Greenview Data
Greenview Data, Inc. has been providing its critically acclaimed
SpamStopsHere network security solutions to clients across the globe
since 2002. Greenview Data also created and developed the powerful
VEDIT™ text editor, which has been licensed to over 150,000 users since
1980. EBCDIC to ASCII conversion makes up the third division of
Greenview Data; providing conversion solutions through turn-key
contracting and consulting. Through the growth of their SpamStopsHere
hosted service, and exciting R&D projects, Greenview Data is
looking to the future and another successful 26 years. Greenview Data
is headquartered in Ann Arbor, Michigan.