Spam Gets More Sophisticated--and DangerousBy Samuel Greengard | Posted 2014-06-17 Email Print
Because spam filters catch upward of 99 percent of junk email, spammers are using new methods—including carpet bombing spam and using randomized message headers.
One of the remarkable things about today's digital technology is that cyber-crooks and online thieves are often more knowledgeable and sophisticated about IT than CIOs, CSOs, CISOs and other executives.
While it's no news flash that hacking, cyber-attacks and data breaches have become far more insidious and risky over the last decade, it's important to note that there's a new threat in town: snowshoe spam. Because today's spam filters catch upward of 99 percent of junk email, spammers are turning to new methods—including carpet bombing spam and using randomized message headers to confuse anti-spam filters.
According to a blog posted at the Cisco Systems Website, the volume of snowshoe spam has more than doubled since 2013. It consists of bulk email that is unleashed using a large number of IP addresses, with a low message volume originating from each IP address.
The idea, of course, is for the spam to fly below the anti-spam systems radar and elude corporate security that relies on per-IP and per-domain reputation metrics. In other words, using lots of different IP addresses makes it appear that a problem doesn't exist.
But a big problem does exist. It's extraordinarily difficult to trap snowshoe spam. It gums up enterprise resources and undermines productivity, and it presents a very real threat of malware landing on a computer or network through attached files, links and other techniques such as Cross-Site Scripting (XSS) and SQL injection attacks.
So far, anti-spam software has been mostly ineffective at identifying these snowshoe email messages. And we can expect the problem to get a lot worse in the months ahead.
If one thing is entirely clear, it's that security as usual is not effective. Organizations must use a multi-layered strategy that relies on a variety of security tools, techniques and protections—all while focusing on education and training.
It's also critical for organizations to begin sharing data and connecting to each other in far more robust ways. Crowdsourcing techniques—including real-time anonymous intelligence and reporting tools built into software and systems—must emerge and be widely used.