Modernizing Authentication — What It Takes to Transform Secure Access
Date: 12/14/2017 @ 1 p.m. ET
And several anti-spam experts say the hundreds of thousands of open proxies created by viruses, like Sobig and MyDoom, are largely to blame for the spam explosion.
''If spam maintains the rate it's going on now, you don't want to know how bad it could be a year from now,'' says Mark Sunner, chief technology officer of MessageLabs, Inc., a New York City-based company that provides managed email security services and tracks the proliferation of spam. ''If you do a straight trajectory [on the current growth rate], spam relative to normal email will be in the high 70 percentile by this April... it'll hit about 80 percent by the third-quarter and easily edge over 90 percent by January of next year.''
And Sunner adds that about 66 percent of the spam they're intercepting is coming from machines infected with one of the various Trojan-dropping viruses that have been circulating
Spam has gotten so bad that it's driving people away from using their email. A recent report from the Pew Internet & American Life Project, an organization focused on researching the Internet's impact on society, shows that people are actually using email less because they don't want to deal with the digital scourge.
The worst part may be that it just keeps on coming. There's no ebb and flow to this tide. It's not like even the worst viruses that come, do their damage and leave. Spam just keeps hammering away at corporate networks and ISPs, never ebbing -- always increasing.
''It's at the point that some enterprises are under realtime, constant denial of service by spam,'' says Francois Lavaste, a vice president at San Francisco-based anti-spam company Brightmail. ''Unfortunately, we haven't seen any slowdown in the pace that spammers are sending unsolicited bulk mail. It's putting a lot of stress on business systems and the users' inboxes. The pain level of spam is becoming really incredible.''
Lavaste says none of the spam forecasts look good.
''It'll be 65 percent to 70 percent by this coming June,'' he adds. ''There are different forecasts on how bad it's going to be. We're trying not to be alarmists... but it's not unreasonable to say that it will reach 80 percent of email.''
More Spam, More Pornography
Lavaste, along with other anti-spam analysts, says a part of the problem is how much of the spam is pornographic.
About 17 percent of all spam is pornographic in nature today, according to Lavaste, who adds that that number is up from about 10 percent or 12 percent last year. What makes it worse is that as the amount of overall spam increases, that 17 percent portion equals a larger and larger number.
''It is bad. It's very bad,'' says Lavaste. ''Spammers are using every trick in the book, including very graphic images, tricky subject lines or subject lines that are becoming much more graphic. Spam is getting nastier, in terms of its adult content and fraudulent nature.''
Pornographic spam causes even more trouble for businesses, which are under the gun to keep sexual images, sexual innuendoes and anything graphic out of the workplace. Smutty spam has much more potential for upsetting workers and interrupting the workday, and could even lead to legal issues in an age of strict sexual harassment policies and laws.
MessageLabs analysts calculate that 20 percent of spam is pornographic, 40 percent is related to pharmaceuticals and the other 40 percent covers everything else from get-rich-quick schemes to low mortgage rates and lose-weight-fast offers.
Despite blacklists, email filters and even governmental efforts like the Can Spam law, the flood of unsolicited commercial email comes coming. And several analysts point to the convergence of spammers and virus writers as the cause.
It used to be that blackhat hackers wrote malicious code to make a name for themselves. They wanted the notoriety and respect in the underground community. Several months ago, however, analysts started to see a dramatic increase in virus writers working to make a buck instead of making a name for themselves.
Because of that malicious marriage of spam and viruses, an increasing number of worms are being let loose in the wild complete with backdoor Trojans and the ability to set up open proxies. Once those are in place, the spammers can take control of the infected machines and use them to send out wave after wave of spam.
Anti-virus experts estimate that the recent MyDoom-A worm compromised 500,000 to 1 million computers -- all with open proxies. And they expect that army of zombie machines will be put to use in the spam community, much as anti-spam experts believe computers infected with the Sobig virus were.
''Just a year ago, it wasn't a major problem,'' says Lavaste. ''There's definitely been a dramatic increase. Today, open proxies generate at least one-third of the spam volume.''
Lavaste adds that they see a lot of spam coming from computers compromised by the Sobig virus and though they haven't seen it yet, they expect to see it start coming from MyDoom infected computers.
Sunner adds that he expects a huge increase because of MyDoom.
''I would suspect to see an increase because of MyDoom since it's so similar to Sobig,'' he explains. ''You now have a whole plethora of machines harvested to send out spam if the author wants... It sticks out like a huge beacon that this is where the spam is coming from.''