[LINK] Spammers exploit Google Docs
brd at iimetro.com.au
Wed Jun 4 19:41:45 EST 2008
Spammers exploit Google Docs
By Robert Jaques
4 June 2008 01:57PM
Spam levels jumped in May to 76.8 percent of all emails sent globally,
according to new monitoring data..
MessageLabs' latest Intelligence Report attributed this hike to a change
of tactics in which spammers are moving away from a reliance on email
Spammers are instead moving towards the exploitation of free mainstream
hosted services such as Google Docs, Google Calendar and Microsoft SkyDrive.
"The savvy and accurate cyber-criminals of today seem to have abandoned
the attachments tactic that was so innovative in late 2007 and are
exploiting free hosted applications which have become mainstream in
2008," said Mark Sunner, chief security analyst at MessageLabs.
"The spammers are taking advantage of the fact that these services are
free, provide ample bandwidth and are rarely blacklisted.
"This is one more addition to the growing list of ways in which the
spammers have succeeded in outsmarting traditional detection devices."
MessageLabs intercepted spam emails in May which contained links to spam
contained in documents hosted on the Google Docs environment.
Traditional spam filters do not block links to the Google Docs domain,
and spammers are using this to their advantage and even tracking their
success through Google Analytics.
Spammers are also using Microsoft's SkyDrive shared file hosting
service. Spam generated using this technique accounted for one per cent
of all unsolicited mail in May.
In addition to the variety of new spam techniques, MessageLabs also
identified several new phishing exploits this month, including one which
preyed on a bank's environmentally conscious customers.
Using the Srizbi botnet to launch the attacks, the phishers took
advantage of a 'Go Green' campaign run by Central Bank in Missouri to
lure recipients into sharing their bank details in order to register for
Also in May, MessageLabs found evidence of phishing attacks claiming to
be from HSBC bank which purported to be a secure connection via HTTPS.
Closer inspection revealed that the attack was actually a standard HTTP
link to a domain pretending to be the actual bank.
brd at iimetro.com.au
More information about the Link