[ news_security_news ]
Clearswift's Latest Analysis Of Spam Identifies Upsurge In Spam Based On Double Byte Characters
SecurityProNews
Staff Writer
2004-09-20
 Insider Reports RSS Feed
In what is likely to be the latest tactic deployed to fool spam filters, Clearswift's latest analysis of spam has identified a significant upsurge in spam based on double byte characters -- i.e., spam written in Chinese, Japanese and Korean.
While spam written in these languages is unlikely to have a significant impact in the United Kingdom, where only a small minority of people would understand the subject of the e-mails, the recent rise in this kind of spam suggests spammers may be seeing a high response rate in the Asian territories. This could indicate that more unsolicited mail is actually emanating from these countries, with the spammers specifically targeting the Far Eastern countries with localized offers.
Double byte character spam is an effective way of bypassing the majority of spam filters as they are not yet sophisticated enough to analyze the content of spam based written in double byte characters. As a result, and the fact that anti-spam vendors will take time to get up to speed with this new threat, it is likely that this "spam tsunami" will continue to grow stronger.
"We started seeing this new breed of spam back in June but in the last couple of days of August it was suddenly everywhere," commented Alyn Hockey, director of research at Clearswift. "From almost nothing, these Oriental mails have risen to account for 5% of all spam within the space of a month."
Clearswift's spam index reveals the continued dominance of financial and pharmaceutical spam. See spam chart for details.
According to Clearswift's virus index, August was dominated by the Netsky family of mass-mailing viruses despite the arrest of its suspected teenage author, Sven Jaschan, earlier this year. Although Netsky's original objective was to disable the Bagle/MyDoom viruses, which were being used to hijack zombie PCs for denial of service (DDoS) attacks, Jaschan faces up to five years in jail following charges of computer sabotage, data manipulation and disruption of public systems. It's a pity he didn't realize that Clearswift's MAILsweeper for SMTP e-mail filtering solution pro-actively detects new Bagle worms by the tell-tale signature held within the mail header. See accompanying virus chart for details.
The spam categorization statistics were extracted from the millions of spam e-mails harvested by Clearswift's seed accounts on a weekly basis. They are collated and analyzed using Clearswift's spamActive service, which is an integral component of the multi-layered anti-spam protection offered by MAILsweeper Business Suite II. Updated eight times daily, spamActive routinely extracts spam terms, sender domains, URLs and subject lines, which can be automatically downloaded to update customers' e-mail policies. The virus statistics are generated using raw data from Clearswift's e-Sweeper, a managed e-mail content security solution for service providers.
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
