Malicious spam emails are a scary concept as we wrote in our Antivirus Aids Spam Fight article less than two weeks ago. This is where spam messages are laden with attachments carrying Trojans and viruses attempting to infect your computer. If they succeed (by getting past your antivirus defences and convincing you to open them) they turn your computer into a spam zombie which then sends more spam on behalf of the spammer. That’s if you’re lucky. Some malicious spam messages will infect your computer and attempt to steal your private data, including credit card and online banking details. Others will steal other personal information which can be used to forge your identity.

The reason for the steep rise in malicious spam levels is because of a recent spate of malicious spam emails. Specifically, two big malware spam attacks earlier this year, the Penguin Panic Trojan (responsible for 27% of malicious spam) and the Win32/Haxdoor Trojan (responsible for 12% of malicious spam), caused huge surges in the numbers of spamware blocked. This also represents a significant change in direction for spammers as spamware had previously almost exclusively attempted to zombify computers to use them in the propagation of spam. With the Penguin Panic Trojan attacking iPhones, evidence suggests that spammers are changing tact and looking for new platforms to exploit, including social networking communities like Facebook.

Most spam is still being produced in the USA (almost 20%), with the usual suspects of China, Brazil, Russia, India, Italy, Argentina, Italy, South Korea, Turkey and now Thailand and Columbia also sending significant amounts of spam.

Anti spam filtering services and anti virus services report that their filters continue to stop the same levels of spam as before the indictment, suggesting that simply prosecuting so called spam gangs alone, is not an effective solution.It may be that the continuation of spam levels may be as a result of the tens of thousands of HerbalKing zombied computers on the Internet being configured to send their queue of spam messages regardless of whether the HerbalKing servers are running or not.

If this is the case, we may possibly see a resulting reduction in spam levels in due course as theses zombies are either patched with anti virus tools or exhaust their existing spam message queues. As we have said before, we will continue to monitor this story and post updates here.

The truth is that anybody can receive backscatter because spambots often forge the senders address in messages they send. If a spambot on your computer sent a message to an address (which does not exist) and forged my address as the sender, I will receive the bounceback. Naturally, I would also be scratching my head as I struggle to recall sending a message to somebody I don’t know offering to sell them an authentic Rolex watch I don’t have. And at a mere $200!

Our spam filter service and other spam blocker services of any merit are already stopping backscatter reaching end user mailboxes. If you are experiencing problems managing your anti spam solution, or if it is not sufficiently filtering backscatter, consider a free 14 day trial of our service.

Al Iverson and Terry Zink have been writing about backscatter for years. See the Al Iverson article for an excellent definition of backscatter.

Apparently we all receive several unnecessarily CC, BCC and Reply-To-All messages at work each day which significantly cuts down our productivity. These, coupled with the equally unnecessary “thanks for that” and “no problem, anytime” responses to replies, can quickly add up to several hours a month in wasted time processing them.

In his article, Email Hell for Forbes, Ross Mayfield, writes that Basex Research calculates these interruptions are costing industry up to $650 billion each year in lost productivity. They also estimate that the average corporate employee will send and receive a staggering 228 email messages per day by 2010.

Mayfield suggests that businesses can reduce this email overload by transferring some of the need for these messages to be transmitted via email very easily. Companies can post the replies to questions on their blog or use Web 2.0 interactivity to publish and distribute answers preemptively.Of course, this is not going to be suitable for every type of situation, but can encourage companies to look at new approaches to communication.

As unsolicited email spam continues to tangle with spam filters and anti spam blockers, perhaps the first thing we can all do at work, is think twice before spamming our colleagues, clients and suppliers with unnecessary messages. Ross Mayfield’s Email Hell article suggests various additional approaches businesses can take and makes interesting reading.

“The #1 worst spam gang on the Internet for much of 2007 and 2008, and active since at least 2005, has been indicted by the US Federal Trade Commission (FTC) in conjunction with simultaneous charges in New Zealand and possibly Australia & India”

In a preliminary action on Tuesday, the FTC succeeded in convincing a US district court to freeze the assets of the group, known collectively within the anti spam industry as HerbalKing, and order them to shut down operations immediately. It is reported that the group had sent billions of spam email messages over the past 2 years on subjects ranging from replica jewelry, to fraudulent slimming pills and penile enlargement products, just to name a few. In ordering that HerbalKing cease their operations immediately the court may have succeeded in immediately and significantly reducing the levels of spam circulating on the Internet.

This is a huge victory for the anti spam effort and for the Internet community at large. However, it is feared that HerbalKing may have invested its assets in offshore bank accounts, thus effectively cancelling out any effect of a freeze on their assets in the USA.

As this is an early phase in the civil action, penalties and/or fines will not be handed down until much further in the case but, at Remote Anti Spam, we’re hoping that the US court in Illinois takes this opportunity to make a serious statement and show a committed intent to bringing down spam rings wherever they operate.

Sources: Spamhaus, NY Times

Another technique being used by spammers is that of embedding malicious code within the HTML source of some email messages so that the code is run when the email opens.

Security experts have also identified a rapidly increasing trend in phishing scams exploiting the current global financial turmoil. Phishing scammers are sending messages appearing to provide advice or services able to assist people with concerns over their mortgages, savings and investments.

Some sources have reported that there has been a 101% increase in the number of zombified computers sending spam in the last month, possibly a sign that spammers are realising an opportunity to benefit from the current financial crisis affecting everybody.

Here at Remote Anti Spam we are working closely with our partners and developing new rules and techniques to detect and block this surge in spam and malicious content. In the meantime we encourage our customers and all email users to exercise caution when receiving messages from people they are not familiar with, especially if those messages contain .zip or .rar files (whether password protected or not).

Crucially, users should also ensure that their antivirus software is up-to-date with the very latest definitions and antivirus software engines.

We are all now familiar with CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), the extra step we must all take when submitting almost any type of form on the web. The process involves entering the garbled, often illegible, text displayed on screen to prove that a human is completing the form and not a robot.

While it is relatively easy for humans to decipher the text on screen, computer bots find it much more difficult as the distortion of the text makes it difficult for them to identify the letters using their optical character recognition capabilities. However, in recent weeks it has emerged that Microsoft’s CAPTCHA has been breached by spammers again, and it has been suggested that spammers are getting it right between 10-15% of the time.

If spammers are successfully breaking CAPTCHA on huge services like Hotmail and GMail, who have the resources to implement the most secure techniques available, where does that leave the average webmaster who uses CAPTCHA to prevent the abuse of their contact forms, order processes or blog articles?

Well, some are suggesting that CAPTCHA in its current form is now rendered useless and just not viable anymore. Some industry experts are suggesting a wholesale switch to alternative forms of CAPTCHA, such as Microsoft’s Asirra image based format where users are required to identify  and distinguish between photos of cats and dogs.  Others, such as Terry Zink, are suggesting a second CAPTCHA challenge post sign up which would statistically reduce the overall success rate of the spammers’ bots.

Nobody quite yet has the perfect solution, and though many believe it’s just a game of cat and mouse, the anti spam industry continues to seek the most effective measures of preventing spam reaching our inboxes.

“NRS 597.970 Restrictions on transfer of personal information through electronic transmission. [Effective October 1, 2008.]

1. A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission”

At Remote Anti Spam, we believe that this is a bold and progressive move and will monitor developments there closely to see how it is enforced. Having said that, we acknowledge the massive headaches this will give small businesses in Nevada, as they must scramble to ensure compliance.

It is conceivable that many small businesses in Nevada will not have prepared and could find themselves breaking the new law from the outset on 1st October. It is unclear at this point how vigorously the Nevada state government will go after such small businesses, particularly in the period shortly after 1st October.

The state of Nevada originally passed this law in 2005 thus giving industry almost 3 years to prepare for today’s 1st October 2008 deadline. This law is designed, not specifically to prevent or filter spam, but as a move to protect citizens from identity theft, phishing and other similar crimes which can result in the leaking of personal private data over a public medium, such as the internet.

If other states observe and follow suit, we may be so bold as to speculate that we could see some sort of reduction in spam for that region as well as better digital protection for personal data on the internet.

Despite the inherent implication difficulties and the inevitable teething problems that will arise, we applaud Nevada for this pioneering and giant step forward.

Full details of the Nevada state law

Webmasters in the SEO forum at Digital Point, for example, are expressing their surprise that sites which they spent considerable time optimising and promoting seem to have had their PR decreased while sites they relatively neglected saw PR go the other way.

Some webmasters are suggesting that the only possible reason for this is that Google could now be taking a dim view on the excessive promotion of websites using social bookmarking sites like Digg, Stumbleupon and Technorati.

Google may now be considering the over marketing of sites within these channels as attempts to spam their index in order to unfairly rank higher in search results. The search giant is constantly tweaking its algorithm in order to filter spam and ensure the integrity of its search results continues to remain the most relevant and most highly regarded in the industry.

Spam filtering measures such as this, if the claims are founded, are just another in a long line of major directional changes Google have implemented into their search engine results spam filter to prevent the poisoning of their index. In the past they have dropped the relevance of the keyword tag, penalised sites which enter into controversial link exchanges and, even developed measures (allegedly) to prevent spammers who create short term sites benefiting from high search result placements in order to sell their dubious spamvertised products (search engine poisoning). These are just a few.

If it is indeed true that Google have rewritten their algo to weed out social bookmarking spam, could this spell the end of the social bookmarking phenomena which has surged in popularity in just a few short years, heavily due to the popularity of the medium with SEO experts and webmasters?

We will be watching developments closely and welcome your comments in the meantime.

Zink rightly suggests that the industry needs to look into some sort of secondary measure to prevent this happening. After all, spammers only need to break CAPTCHA once to win, while service providers must constantly battle to lock them out. However, we feel that his suggestion of sending a link which needs to be clicked in order to complete the email account signup process is seriously flawed. While this may be the perfect solution for newsletters and mailing lists it would not be suitable for email accounts as it assumes too readily that the person signing up (assuming it is a real person) already has an email address at which to receive that link.

While many of us nowadays do actually have more than a handful of email addresses, it is important to remember that there is always a generation of new internet users (students, children at home, people in developing countries, etc) who are signing up to these services for the very first time.

In these cases, where could you possibly send them that authentication link? Anti spam measures must continue to prevent the successful delivery of spam to our inboxes, while minimising the inconvenience to real people. The cops and robbers analogy is perfect to explain this.

The robber can indiscriminately shoot and cause harm to achieve his purpose while the cop must attempt to apprehend the robber yet keep innocent members of the community safe (and relatively unrestricted) during his pursuit.

That’s the anti spam fight in a nutshell.