Spam Spikes This Holiday Season

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

The latest Symantec numbers appear to provide fresh hope for
e-mail account holders weary of messages about Viagara and mortgage refinancing loans —
a leveling of spam.

Symantec officials said spam volume held steady at 66 percent between August and
October this year. However, Symantec expects the amount of unwanted e-mails
is going to increase 2 percent to 4 percent in the waning
months of 2004 — just in time for the holidays.

“We’re getting ready for the usual holiday rush that occurs from right
about now until [the end of] Christmas,” Carlin Wiegner, Syamantec e-mail security
director of product management, said. “It’s been flat, but we’re expecting it to pick up.”

According to the security vendor’s historical data, a similar flat line in the months
leading up to November and December occurred last year. From July to October 2003, spam percentages
fluctuated between 50 percent and 52 percent before spiking 4 percent to 56 percent in November.
This year, July through October numbers hovered around 65 percent and 66 percent.

Symantec is not the only e-mail security company witnessing similar trends. MessageLabs, a
New York-based security firm, saw spam volumes reach
82 percent earlier this year.

Mark Sunner, MessageLabs CTO, expects that number to increase to the 90th percentile this
holiday season, following a similar trend from last year, with phishing being the predominant
mode of attack.

“The holiday period provides the perfect fertile ground for a whole plethora of social
engineering,” he said. “There is definitely an increase in that kind of traffic in this
time period anyways so people are even more susceptible than they might normally be.”

The chief concern at Symantec and MessageLabs is the malware attached to
innocuous-looking e-mail, though both companies track and categorize other types of e-mail.

October 2004 Worldwide Spam Breakdown
Type	Volume
Product related	25%
Financial	16%
Adult theme	14%
Health	9%
Scams	8%
Fraud	7%
Other	7%
Internet	5%
Leisure	4%
Political	4%
Spiritual	1%
Source: Symantec

But Symantec’s numbers illustrate that spam isn’t only for breaking into your computer, absconding with your
address book or stealing your account numbers, though many do just that. Fraud-related spam
comes in around the middle of a list of catetgories, such as financial, adult-themed and health.

MessageLabs, on the other hand, scanned more than 1.91 billion e-mails in October and found that
1.47 billion of them were spam (76.76 percent). Many of these e-mails come from back-door Trojans
that, taken together, are called “zombie netbots,” which are used as a
springboard for other types of spam-related activities.

While the numbers look grim, the percentages don’t amount to actual e-mails in the inbox for most
consumer and corporate e-mail users. The numbers in both cases reflect the number of scanned e-mail
addresses by Symantec or MessageLab servers, which are all blocked at their servers.

The message, however, is pertinent to those consumers without an e-mail filter, firewall or anti-virus
application on the PC and those businesses without an effective e-mail gateway, whether it’s
vendor-supplied or homegrown.

Despite some big security adoptions, such as Yahoo’s announcement Monday to
implement DomainKeys,
businesses have been slow to pick up on recent technologies targeting a major source of spam —
messages with spoofed e-mail addresses .

According to e-mail security
vendor CipherTrust, a sample of 10 million messages in October showed a 75 percent increase in the
number of Fortune 1000 companies using Sender Policy Framework (SPF) records to process e-mails
over the summer.

SPF is a technology specification authored by Meng Weng Wong that checks SMTP
information found in e-mail headers to verify whether a message has truly come from the source displayed.

While SPF merged with
Microsoft’s Caller ID for E-mail earlier this year to create Sender ID for E-Mail, the original
open source technology — sometimes called SPF-Classic — remains popular with e-mail server
administrators, notably AOL.

Adoption of SPF-Classic or any other type of e-mail authentication scheme over the summer
slowed, said Dmitri Alperovitch, a CipherTrust research engineer, because of the
negative attention
surrounding Microsoft’s technology, but expects it to
pick up early in 2005.

“As the phishing gangs cast a wider net and
start targeting other companies, we see [companies] contacting us and seeing what they can do about it,” he said.

One of the more surprising statistics coming out of CipherTrust is the anemic SPF adoption from
legitimate commercial e-mails from companies — called “ham” — compared to spammers.

Bulk ham
that contained an SPF record in October amounted to 1.33 percent, while 9.29 percent of spam contained
an SPF record. Alperovitch said the number is indeed odd, as many of the larger companies
(like CitiBank) have a vested interest in eliminating phishing attacks, but pointed to the
fact it takes larger companies more time to implement new technology than independent, smaller outfits.