Hit-and-Run spam attacks beating filters, infecting PCs

If you've noticed an increase the amount of spam you're getting recently, you're not alone. A new method of sending spam in short concentrated bursts, the equivalent of a hit-and-run attack, is beating filters and allowing more illicit and dangerous messages to reach your inbox.

USA Today reports on the most recent fast and furious spam attack that used a threat of tax problems with the IRS to trick people into opening and infecting their computers. The quick blast and the fact that downloading the "IRS" let spammers send out even more messages left even more computers in the hands of spammers.

Richard D G Cox, CIO of The SpamHaus Project which is non-profit dedicated to fighting spam, told WalletPop that, "The IRS malware attack mentioned in the article was notable for its intensity and relatively short duration, but there have been thousands of similar if not quite so prolific attacks over the last few years. However, since most users are now familiar with IRS-based phishing attacks, recipients are already wary of responding in any way to messages claiming to be from the IRS."

While spammers do appear to be focusing their efforts more on controlled bursts of spam to beat filters rather than using botnets to send out the same phishing email for months on end, it isn't necessarily new. This chart of spam flow statistics from SpamHaus illustrates the amount of spam sent during the last month.

The Max spam detected was 5,000 emails per second which equates to 432 million emails per day!
While Spam, especially botnet spam, is cyclical in nature that doesn't mean that all hope is lost when it comes to combating it. Cox explains the protection which consumers need to make sure is in place, "Email users more than ever need to be protected by good filters, which can remove over 90% of spam in general and are effective even against spike attacks such as the recent IRS burst. Of course, for spam that leaks through, users still need to be vigilant in not clicking on any unexpected links or attachments, and in keeping their operating system and software up-to-date with current patches."

How to protect yourself:

SpamHaus presents several specific steps you can take to protect yourself from spam and play a part in cutting down the amount of spam. For example; don't send "removes" back to spammers and don't sign up for "Global Remove Lists," both of which will simply result in more spam arriving in your inbox. They also provide a link to myNetWatchman, a tool that is designed to help "computer novices" determine if their computer is infected and being used to send spam.

In addition to these tips, you should make sure that you are running an-up-to-date antivirus program and using common sense. If you find that your personal email account is routinely the target of spam you may benefit from using a service like Gmail which provides a good spam filter and helps identify potentially dangerous attachments. Gmail also lets you open up word, excel and pdf files through an online service which puts an extra layer of protection between you and your computer.

The next time you get an email from the IRS, UPS or FedEx, ask yourself this question. Am I really expecting a package and how did they get my email address?
Read Full Story

From Our Partners