The Register® — Biting the hand that feeds IT

Feeds

Spammers add a new dimension to junk mail

Say hello to 3D spam

By John Leyden, 3rd September 2007
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Spammers have added a fresh dimension to the fight against junk mail with the creation of image spam rendered in a pseudo 3D layout.

The use of images as opposed to simple junk messages as a way to punt penis pills, refinancing offers and the like has being going on for months. The approach is designed to fool basic spam filters and is, these days, seldom effective. In order to have any hope of success, spammers must use the computing power of compromised machines to create a uniquely modified image in each spam email. Failure to do this would enable spam filters to discard known spam images.

Spammers have now extended this approach by using images that have been modified by adding colours, changing fonts and inserting random dots and lines so that they appear to be in "three dimensions". The effect is even less convincing than squinting at Jaws 3D through a pair of coloured glasses. It's also even more nauseating.

Net security firm F-Secure has noticed an upsurge in the 3D spam tactic over the past few days. "Generating images like this is, of course, more computing intensive but spammers have lots of computing power at their disposal via the huge botnets they are running. It's not like they couldn't afford to render unique 3D spam for every recipient," F-Secure notes.

The appearance of 3D junk mail is part of the ongoing arms race between spammers - anxious to slip their tiresome messages past junk mail filters - and security firms.

Following on from the now established tactic of sending junk mail messages in the images of emails or in PDF attachments, users now have to contend with spam messages in the FDF (Forms Data Format) and now three dimensional junk mail come-ons. ®

Agentless Backup is Not a Myth

COMMENTS

House Rules Send Corrections
All Reader Comments (33)
Latest Comments
Danny Roberts

GMail

OK, not a corporate solution but all my email is routed through GMail. It seems by far and away the best filtering I've seen once it's had a bit of training from the user.

My parents wanted me to set them up a new email account due to the amount of spa they get. I only did it on the premise that they train the filter effectively. I receive about 200emails a day, maybe 12 or so that I want. and I only ever receive 12 or so in my POP3 inbox. What is Google doing right that many other systems (read, ISP's) can't

0
0
Morely Dotes

@ Ross and Kevin Hall

Firstly, the primary issue of open relays has been a non-issue for years. There are few open SMTP relays these days, and if the spammers were to use them, they'd melt down under the load in minutes.

Secondly, the current issue is botnets. Defeating botnets requires a multi-pronged approach:

- Admins must configure their networks so that the default is for all outbound SMTP traffic to route through their own servers (with exceptions made only upon request, and with a reasonable explanation of why the ISP's own servers will not serve the purpose).

- Admins must aggressively null-route traffic from infected machines, both *inside* and *outside* their own networks.

- Admins must require customers to maintain uninfected client machines, with null-routing the first step, and customer termination a last-resort (but not unused) final step.

- Legislators must eliminate the useless laws that currently exist (because they are so full of loopholes that it's almost impossible to violate them), and pass laws that punish spammers, botnet herders, and VXers with serious "hard time" and total confiscation of their assets. It won't stop new offenders; it will make repeat offenses too expensive to be attractive.

And finally, we need to replace all Windows machines worldwide with a more-robust and less-vulnerable OS (that is to say, a *real* OS, one which isn't based on the concept of millions of isolated computers with no network access, then suddenly giving everyone root-level access to all of them at once). Good luck on that one.

Getting lawmakers to do anything useful is harder than sending men to the Moon and bringing them home alive. The problem will be with us for some time to come.

0
0
Morely Dotes

BlueFrog: May the founders DIAF

"BlueFrog was DDOS-ed to death by the spammers. If that doesn't prove they were on to something, I don't know what does."

It proves the people who were given investor money to create BlueFrog, and who collected "subscriptions" money from users, were smart enough to pay a little for a DDoS so they could abscond with the cash after "regretfully" shutting down.

Anyone who isn't paranoid just isn't paying attention.

0
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
135
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
60
Internet fraud still stings suckers
Australians twice as gullible as Americans
36
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
Yahoo! joins! rivals! in! PRISM! data! request! admission!
Keep calm and carry on using American tech firms, folks
41
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17