SOURCE: Process Software

December 12, 2007 08:00 ET

Holiday Spam Is on the Rise

Spammers Use Creative Techniques to Circumvent Filters

FRAMINGHAM, MA--(Marketwire - December 12, 2007) - Process Software, a premier supplier of communications software solutions to mission-critical environments, announced today the 2007 holiday spam trends that are currently underway.

Process Software's Research Department has been tracking statistics for spam since they released PreciseMail Anti-Spam Gateway in 2003. Looking at sample statistics for November (a busy month for spammers with the holiday season) from 2003 to 2007, spam levels rose from approximately 80% of all incoming email to an organization to 94%. The volume of spam doubled from 2003 to 2004 and has since tripled from the 2003 level.

Typical spam during the holiday season includes gift spam, and Rolex watches are among the more popular items for sale. Process Software's Research Department has observed dozens of new variants of various enhancement drugs and "quit smoking" products, which account for a large percentage of the overall spam. Finally, there has been an increase of obfuscated stock spam and "broken" spam with random text and no URI or email address.

"Spammers are engaging in the same types of tricks as they have used in previous years," said Hunter Goatley, Principle Engineer for PreciseMail Anti-Spam Gateway. "Only this time, their techniques, in an attempt to circumvent filters, tend to be more creative than before." We have seen spammers use any one of the following techniques:

Images that Sell

Many of the enhancement drug spam and stock spam email messages include images. Typically, the sales pitch is hidden in an image, which the spammer hopes, will evade filters. "Image spam messages are poorly composed and include many HTML formatting issues which a good spam filter can catch," said Goatley.

Phishing for Victims

A phishing message is email sent to a user falsely claiming to be from an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. Goatley said, "Phishing messages are flourishing during the holidays. For example, there was one message claiming to be from Western Union, which describes how to send money using their services. The link included in the message was not to the legitimate Western Union website, but it was actually to a website in Russia. Uninformed email users could have been tricked into disclosing their bank account," added Goatley. Spam filters that support VMF (Verify Mail From) services, heuristic analysis, or a reputation database should be able to identify this type of spam.

Word Games

Spammers often try to circumvent filters by using misspelled words, spacing out words or cramming them together, and adding random, meaningless words. "For example, in the past, I have seen the word 'shipping' spelled with 'l' or '1' instead of 'i.' Recently, there was one with '!' so the word would look like 'shipp!ng.' These text illusions, which involve separating every character in a word with the same non-alphabetic character, wreak havoc with anti-spam filters that don't have the programmed intelligence to realize what's happening," said Goatley.

White Out

Many spammers believe that if they put enough non-spam text in their spam message as a decoy, it will make it past anti-spam filters. As a result, the Bayesian filter anti-spam technique, which relies on learning legitimate text from spam text, can be circumvented. Spammers will hide apparently legitimate text with HTML font tags to make the text and background the same color. "The use of white text on a white background to hide legitimate text has appeared in some of the more recent holiday spam. The spam text itself is set to display in a color that contrasts with the message background," added Goatley.

Only multi-layered spam filtering techniques can accurately handle the latest spam techniques.

About Process Software

Process Software (http://www.process.com) is a premier provider of communications software to mission critical environments. With over 20 years in business, Process Software serves thousands of customers, including many Global 2000 and Fortune 1000 companies. The Process Software product portfolio includes PreciseMail Anti-Spam Gateway, SpyCatcher Enterprise, PMDF Messaging Server, and a suite of TCP/IP applications and service for HP systems running OpenVMS.

Contact Information

  • Media Contact:
    Lauren Maschio
    Process Software
    Director of Marketing
    (508) 626-7525
    Email Contact