Advertisement
Promo

Security threats Toolkit

Spammers use your cat's name to sell you Viagra

Munir Kotadia ZDNet.co.uk

Published: 22 Jun 2004 16:45 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Spammers have started using spyware to steal personal information so they can customise the subject lines of unsolicited emails to increase their chances of being read.

Research by email security firm MessageLabs has revealed that spammers are targeting companies and individuals with unsolicited messages that have subject lines containing names, familiar words or phrases that have been stolen from the victim's computer.

This is possible once a computer has been compromised with a piece of spyware that can track keystrokes or scan documents and send the information back to the spammer.

MessageLabs' senior anti-spam technologist Matt Sergeant said the spam target is more likely to open an email if the subject line contains information that is directly relevant to them or their job.

"The idea is that by using familiar words and phrases, such as passwords, a pet's name or a company name, users will be more likely to open the email," Sergeant said.

The volume of spam has increased dramatically over the past two years, so much so that some security companies say the majority of email traffic is now spam. The problem intensified with the emergence of viruses and Trojans that were designed to infect unprotected computers and turn them into spam-sending zombies.

As the spam problem grows, so does the anti-spam industry; as a result, the spammers have started colluding with malware writers to try and increase their hit rates, according to MessageLabs.

Sergeant said that the lines between different email security threats are becoming more and more blurred.

"We increasingly find that spammers, virus writers and hackers are combining their malware to create evermore sophisticated email security threats," said Sergeant.

Maxine Holt, senior research analyst at Butler Group, said the spyware problem is potentially very serious. She said there is no way for a company to completely protect itself without disrupting every day business activities, so they should combine technology with education and enforce a security policy to reduce their risk as much as possible.

"Companies need to ask themselves what level of risk they are willing to accept in order to conduct their day-to-day business. Security is not just at the perimeter," Holt said.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
147 out of 284 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

2 comments

  1. These people, the spammers and virus writers, shou... Anonymous
  2. Thanks! http://www.dirfor.com/Sweden/ on... online directory main

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

Security Consultant - CISSP

Web Application Security Specialist

2nd Line Technical Support Engineer - Wilmslow, Cheshire

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters