The Link between Windows XP Users and Spam Volume
Second quarter IBM X-Force Threat Intelligence report finds an uptick in spam volume.
The problem of unsolicited bulk email, commonly referred to as 'spam,' is one that is well known and partially solved thanks to a myriad of technology solutions. According the the new IBM X-Force second quarter 2014 Threat Intelligence Report, the problem of spam has not gone away, but has actually increased.
Michael Hamelin, lead X-Force security architect for IBM Security Systems, told eSecurity Planet that when IBM was putting together the Q2 report, the biggest surprise was the massive uptick in spam.
"In March 2014, the X-Force team saw the highest levels of spam measured during the last two and a half years," Hamelin said.
There are a number of reasons why spam is once again on the rise, thanks to the use of old techniques as well as old operating systems like Windows XP.
"Spammers have resorted to old spam techniques by using image spam," Hamelin said. "One of the consequences that people targeted with Image Spam face: all of the messages are much larger than traditional text spam and can clog inboxes."
Image spam is an attempt to trick users into clicking on a message that has an image in it, with a hidden web address. Hamelin added that spammers are using older techniques like image spam to test whether spam filters are prepared for large-scale attacks.
There is also a correlation between Microsoft Windows XP usage and spam. Microsoft discontinued support for Windows XP earlier this year.
"We saw a correlation between countries where large percentages of people still use Windows XP and countries where botnets sending Spam are originating from," Hammelin said. "There is a correlation between people who are still using XP and users who don't apply patches so the hosts are often susceptible to attack."
Hammelin added that those users that are still running Windows XP typically don't understand the security risks and the fact that attackers aren't only after personal information, but also PCs can also be used to run a botnet or carry out a DDoS attack once compromised.
"There are no shortage of people coming up with malware to target Windows XP users -- it's just an easier and more vulnerable target," Hamelin said.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist