Security experts have noted a new trend in spamming that involves surges of spam sent to individual domains to knock email servers offline, according to a new report.
The findings of the MessageLabs Intelligence Report noted the appearance of sudden spam surges, or "spam spikes". These spikes were also designed to defeat anti-spam appliances that use signatures to weed out unsolicited email.
According to the report, one such attack on a domain lasted 11 hours and 10,000 junk emails was sent by spammers to the domain's email servers.
The report also noted that image spam is changing. Rather than embedding images in the message body of a spam email, spammers are now hosting the image on a number of picture hosting websites that don't require any form of registration to upload image files.
A link to the spam image is then included in the body of the message, either as a link that will display the message when clicked, or included as an HTML image.
According to information gathered by the company, the group that launched this recent attack was also the same group responsible for abusing Imageshack, a popular image hosting site. MessageLabs said that it is difficult for traditional anti-spam methods to guard against these forms of attack.
Experts said that spammers have continued attacks by developing new tactics to "fly under the radar and cause the most damage."
"With the increase in spam spikes and new techniques with image spam, it is crucial for businesses to take a multi-layered security approach among email, web and IM to protect their employees and their systems completely from these malicious attacks," said Mark Sunner, Chief Security Analyst, MessageLabs.
The research found that spam has in fact decreased 3.4 per cent from last month. Spam accounted for 72.7 per cent of all email. Viruses accounted for one in 118 emails, according to figures from the company.
-
Enterprises face delicate balancing act with data center sustainability goalsNews High energy consumption, raw material requirements, and physical space constraints are holding back data center sustainability efforts, according to new research from Seagate.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Microsoft to end Client Access Rules support in Exchange Online by 2023News The deprecation process will begin as early as October 2022, according to reports
-
Microsoft blocking Tutanota users from Teams registration, claims fix unfeasibleNews Tutanota claim this is an antitrust issue, as the company shares the problem with the public
-
BBX BlackBerry Server brings security ruckus for CIOsNews Working with the new BlackBerry Server, BBX will secure enterprise data and provision enterprise apps without blocking consumer apps.
-
Royal Bank of Scotland in Anonymous crosshairsNews Anonymous targets a host of companies as part of its Operation Green Rights campaign.
-
Anonymous claims US military email theftNews The hacktivist group says it took over 90,000 emails from US military personnel.
-
Websense Triton Security Gateway Anywhere reviewReviews Websense's TSGA claims to be the first unified solution for web, mail and data security that doesn’t rely on any third party components. It goes even further by amalgamating on-premises and cloud scanning in the same product, but is it too good to be true? Dave Mitchell finds out in our review.
-
Celestix MSA 3200i reviewReviews Microsoft has replaced its venerable ISA Server with Forefront TMG 2010 and Celestix delivers it as a complete plug-and-go security appliance. Read this exclusive review of the MSA 3200i to see if it is a more sensible alternative to buying and installing TMG yourself.
-
Scottish legal firm finds joy with cloud-based emailNews Freedom of information requests are to become much less of a pain for a Scottish law firm.
