PDF spam levels plummet
- 30 August, 2007 11:00
It appears that PDF spam has had its 15 minutes of fame.
Having reached its peak volume on Aug. 7 at nearly 30 percent of all spam messages sent, PDF spam today is hardly registering on e-mail security vendors' spamometers.
The unwanted e-mails with PDF files attached -- usually pushing the recipient to purchase a penny stock that the spammer then dumps once the trading price goes up -- comprise less than 1 percent of spam today, according to security vendor Sophos.
PDF spam began hitting high volume levels in early summer, the highest of which occurred on Aug. 7 when a pump-and-dump stock scam exploded across the Internet, touting a company called Prime Time Group. The attached PDF looked like a financial newsletter advising the purchase of the stock. That spam blast, which some security vendors said at the time was the largest in spam history, lasted for the better part of the week.
There could be a number of reasons why PDF spam has all but disappeared, says Ron O'Brien, Sophos senior security analyst. Since the actual message is attached to, not embedded in, the e-mail, recipients may find it too time consuming or cumbersome to open, he says.
"A malicious embedded link, on the other hand, is quick and easy to access and would probably have a higher likelihood of luring people to open" it, he says.
The idea that PDF spam is too complex would explain why a few good old-fashioned spam messages appeared in some in-boxes this morning, simply stating the recipient should purchase a cheap stock before it gets snapped up. No attachments, not even a link to a Web site, just some persuasive text.
While spammers may be looking for new ways to get their message across, Sophos' O'Brien warns that e-mail users should beware of a false sense of security.
"Although PDF spam is showing a decrease currently, there's no reason to believe that it will not strike again," he says.
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks
- Building a Better Mousetrap in Anti-Malware
- Hybrid IT Service Management: A Requirement for Virtualisation and Cloud Computing
- Managing the Rapid Rise in Database Growth: 2011 IOUG Survey on Database Manageability
- Governance For All - Empowering IT and Business Content Owners
Telstra continues with billion dollar 4G plan
What’s life really like on the NBN? (Part II)
Australia lags Mongolia in Internet speeds
40 years ago, Ethernet's fathers were the startup kids
Windows 8 won't hit critical mass in enterprises, Forrester says