Advertisement
Promo

Security threats Toolkit

Staying one step ahead in the anti-spam arms race

Ingrid Marson ZDNet.co.uk

Published: 16 Jun 2004 10:30 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

With UK government legislation doing little to impede the relentless rise of spam, businesses are increasingly turning to software to keep mail systems functioning. Brightmail, recently acquired by security specialist Symantec, is a market leader in the spam-filtering industry, and is expected to announce a major upgrade of its software in the next few weeks.

ZDNet UK spoke to Mark Bruno, Brightmail's enterprise product manager, about how his company is keeping pace with new spamming tactics, the rise of SMS spam and the significance of the Symantec deal.

How has spam evolved since you joined the industry?
Originally spam was all ASCII text and we blocked it by comparing emails against known spam signatures. Then spammers started "hashing" -- changing one of two characters of the signature to avoid us picking it up, such as replacing the letter i with the letter l or the number 1. We block these emails by doing fuzzy matching.

The use of URLs has also evolved. Spam messages used to contain phone or fax numbers; nowadays, they have URLs directing you to a Web site. These URLs shortened messages, and that gave us less to create our signatures with. We started blocking messages with URLs in July last year, to which spammers responded by masking URLs.

We constantly monitor any changes in spam by using "honey pots" -- unused email addresses which we advertise on sites that spammers are known to use. We have more than two million "honey pots" and receive about 100 billion spam emails every month.

Why has the volume of spam increased so dramatically?
Because it is lucrative and easy to do. When I joined Brightmail three years ago, 8 percent of emails were spam. Now 64 percent of emails are spam.

Spammers earn anything from a few hundred thousand to a few million US dollars a year. It doesn't require technical expertise either -- you can buy spamming software that will do the hashing and encrypting URLs, and can buy a CD-ROM with 100 million email addresses for $100.

What will the future of spam look like?
Spam will become more and more sophisticated and will be seen in new mediums. Although our main focus is corporate and consumer spam, we are also moving into technologies to fight instant-messaging and wireless spam. Right now, SMS spam isn't a big problem in the UK, but this is likely to change -- there is already a high level of SMS spam in Japan, where the technology was taken up earlier.

Next

Previous

1 2


  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
86 out of 163 people found this useful


Full Talkback thread

1 comment

  1. I think we'll see further consolidation of smaller... Kikki Bona Sijabat

Company/Topic Alerts

Create a new alert from the list below:






Video icon

Video

Sentry Posts Blog

Met will not reopen phone hack investi...

The Metropolitan Police will not reopen its investigation into alleged phone hacking by the News of the World. In a press statement delivered outside Scotland Yard on Thursday, Assistant... More

Post a comment

FUD over ChromeOS's security already?

It hasn't taken long for the security vendors to wake to the potential of Google's new ChromeOS. The potential that is, to create FUD – fear uncertainty and doubt. In a release today,... More

Post a comment

Feds take DDoS in their stride

The US Department of Homeland Security has said that a series of distributed denial-of-service attacks began on US government networks on 4 July. However, Amy Kudwa, deputy press... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters