Computing in the real world
SEARCH FOR: IN: Advanced Search
Guest  Level 00    Register Log in

News 

[PSUs]
Monday 2nd October 2006
'Geek spam' emerges as spammers play new trick 5:56PM, Monday 2nd October 2006
Hosted security firm Messagelabs claims geeks are being targetted explicitly by spammers using new techniques to subvert spam filters.

It says that over the past few weeks it has seen a new spamming trend arise, which uses 'technobabble' to confuse spam filters into trusting spam mail. MessageLabs is calling it 'geek spam'.

While gateway-level antispam systems can clean out a lot of unwanted mail, workers can improve on this and employ Bayesian rules within their desktop mail client which learn the characteristics of legitimate and spam mail from the content of email in their inbox over time.

Any particular profession has a lexicon of words and jargon, which naturally occur frequently in correspondence. Bayesian filters see this and rank mail that contains these words as more likely to be legitimate.

This latest spam trick recognises exactly this and poisons the filters by inserting vocabulary from the same lexicon in spam mail targetted at a particular profession.

And this not only mucks up the filters, but also means the recipient is more likely to open mail that uses directly relevant vocabulary.

The type of geek spam MessageLabs is picking up uses
 
 
ADVERTISEMENT
words such as '.NET,' 'cpan', 'xss', 'Java' and subject lines such as 'Bug #33006: Your review is necessary'.

Paul Wood, Chief Information Security Analyst at MessageLabs said: 'We first started to see this trend in the last three or four months. It's not unusual for spam to include passages of text from books such as Alice in Wonderland or Lord of the Rings ... but it's the thought that's gone into it that's new.

'Once the Bayes filters are poisoned I'd imagine you'd get to the point where you are getting as much spam as you ever were. You'd just have to start again.'

There are any number of professions to choose from, but the spammers chose tecchies as the 'guinea pigs' for this latest trick, said Wood.

'It's speculation, but it's most likely the tecchie type of users talking to others on forums that are being targetted, and with more knowledge of antispam technologies, they would be more likely to use Bayes filters,' said Wood. 'It tends to be the sort of person who is quite promiscuous, in that they happily post things about technical issues on forums using their real email address.'

Wood said that spam campaigns are always carefully targetted to get the best open-rate possible. 'That's how they get paid, getting people to open spam mail ... that's how they measure the success of their campaigns,' said Wood.

And geek spam is no exception.

Asked what type of spam is being sent to geeks using this technique, Wood responded: 'So far, it's been mostly pharmaceutical stuff.' And on whether this is the type of spam most likely to appeal to geeks, Wood said: 'Spammers would seem to think so.'
Matt Whipp

Submit to: Digg  |  Slashdot  |  Del.icio.us  |  Technorati

Related News


Back to top
Compare Broadband
Broadband?
Compare 50+ packages
Enter your postcode below:
Powered by:
Top 10 Broadband
› See more News
› See more Hot topics

Columns

Prolog:

Tim Danton wonders whether it's wrong to fall in love with a USB dongle... › See full Opinion
› See more Columns
›  See more Research Papers