Feeds

Spammers dive into Google's lucky dip

Feeling phished?

Internet Security Threat Report 2014

Google's "I'm feeling lucky" button was designed to save web searchers time by automatically opening the first page of a query. It turns out the feature, and similar ones from other search engines, are increasingly helping junk mailers get around anti-spam products.

That's one of the findings from a January Intelligence report from MessageLabs. The IT security firm found that so-called search engine spam, which only came to light in the past few weeks, accounted for 17 per cent of all the spam the company saw in January. The emails include links that work like this one. When a recipient clicks on them, they frequently lead to destinations hosting malware or phishing sites. But because the links make no mention of the naughty URL itself, many anti-spam filters don't catch them. Anti-phishing protections built in to browsers and browser plug-ins also fail to catch them, in many cases.

To change things up, spammers frequently use different regionalized search engine sites, such as google.com.hk and google.co.uk.

The new technique is "probably more a manifestation of the ebb and flow of the good-guy versus bad-guy arms race," says MessageLabs Chief Security Analyst Mark Sunner. "There really hasn't been a necessity until this point for the bad guys to raise their game with this technique."

Also in January, MessageLabs saw a spike in spam pitching get-rich-quick and other financially-related services. Coming amid a wave of news articles reporting problems with the US and global economies, the spam is playing off of people's anxiety about their finances, Sunner said.

MessageLabs saw declines in other types of junk mail. Spam touting stocks fell to just two per cent in January, an all-time low since MessageLabs began keeping count. Company researchers said the decline could be related to the arrest of notorious spammer Alan Ralsky, who according to federal prosecutors, was engaged in a sophisticated pump-and-dump operation with 10 other individuals until it was shut down almost four weeks ago.

While MessageLabs made no mention of an initiative implemented in March by the Securities and Exchange Commission, this is likely also to be responsible for the drop. Under the program, penny stocks that are the subject of pump-and-dump email campaigns are temporarily suspended immediately following the issuance of the spam - preventing the architects from being able to profit from the scheme. Remove the profit and chances are you'll remove the crime, too. Indeed, both Symantec and the SEC have reported declines in stock-related spam following the new rules.

MessageLabs also said the amount of image spam fell in January to just two percent of all junk mail. That compares with a high of 20 per cent last summer.

The company provides email and web filtering services for more than 16,000 business customers. It processes more than 2.5 billion email connections and one billion web requests each day. ®

Security for virtualized datacentres

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.