Feeds

Spammers dive into Google's lucky dip

Feeling phished?

SANS - Survey on application security programs

Google's "I'm feeling lucky" button was designed to save web searchers time by automatically opening the first page of a query. It turns out the feature, and similar ones from other search engines, are increasingly helping junk mailers get around anti-spam products.

That's one of the findings from a January Intelligence report from MessageLabs. The IT security firm found that so-called search engine spam, which only came to light in the past few weeks, accounted for 17 per cent of all the spam the company saw in January. The emails include links that work like this one. When a recipient clicks on them, they frequently lead to destinations hosting malware or phishing sites. But because the links make no mention of the naughty URL itself, many anti-spam filters don't catch them. Anti-phishing protections built in to browsers and browser plug-ins also fail to catch them, in many cases.

To change things up, spammers frequently use different regionalized search engine sites, such as google.com.hk and google.co.uk.

The new technique is "probably more a manifestation of the ebb and flow of the good-guy versus bad-guy arms race," says MessageLabs Chief Security Analyst Mark Sunner. "There really hasn't been a necessity until this point for the bad guys to raise their game with this technique."

Also in January, MessageLabs saw a spike in spam pitching get-rich-quick and other financially-related services. Coming amid a wave of news articles reporting problems with the US and global economies, the spam is playing off of people's anxiety about their finances, Sunner said.

MessageLabs saw declines in other types of junk mail. Spam touting stocks fell to just two per cent in January, an all-time low since MessageLabs began keeping count. Company researchers said the decline could be related to the arrest of notorious spammer Alan Ralsky, who according to federal prosecutors, was engaged in a sophisticated pump-and-dump operation with 10 other individuals until it was shut down almost four weeks ago.

While MessageLabs made no mention of an initiative implemented in March by the Securities and Exchange Commission, this is likely also to be responsible for the drop. Under the program, penny stocks that are the subject of pump-and-dump email campaigns are temporarily suspended immediately following the issuance of the spam - preventing the architects from being able to profit from the scheme. Remove the profit and chances are you'll remove the crime, too. Indeed, both Symantec and the SEC have reported declines in stock-related spam following the new rules.

MessageLabs also said the amount of image spam fell in January to just two percent of all junk mail. That compares with a high of 20 per cent last summer.

The company provides email and web filtering services for more than 16,000 business customers. It processes more than 2.5 billion email connections and one billion web requests each day. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.