MessageLabs has announced the results of its annual intelligence report for 2006, examining trends seen in the last year. The report highlights the relentless escalation of spam activity in 2006, with the average spam level for the year at 86.2 percent of e-mail traffic. This number was driven by the increasing sophistication of botnets and targeting techniques.
MessageLabs reports that in 2006, 63.4 percent of spam came from new and unknown sources.
“The one thing that spammers rely on is botnets, the robot networks where they’ve created Trojans that have been installed on people’s computers without their knowledge, and they can use those computers remotely, en masse, to send out their spam,” said Paul Wood, MessageLabs senior analyst. “Over time, those computers become identified, either by the ISP hosting them or by organizations such as Spamhaus, and they will then appear on a block list. So, the value of those computers actually goes down, and the need to create new ones increases, and that’s why there’s a constant life cycle of the botnets moving around.”
Spam attacks carried out on social networking sites such as MySpace became much more prevalent and frequent in 2006. MessageLabs expects these to continue because member profiles contain useful and accessible contact information and user interests, which make it easy to launch targeted attacks.
Attacks on such sites, however, do require an actual person to create an account and direct the attack.
“At the moment, it seems to be not quite as automated as the e-mail spam environment, but I’m sure it wouldn’t be difficult to build on that,” Wood said.
Social networking attacks work by one of two methods. First, a hacker phishes MySpace members or cracks their passwords and uses their accounts to send messages or post fraudulent, promotional bulletin board announcements. Second, a hacker sets up a fake profile, using a picture of an attractive young woman, then uses software to send out friend requests that target a large group of young men.
“Quite often, because of the target demographic, they might just click on the profile, look at it and add them as their friend, and what they don’t realize is it isn’t a real person — it’s just someone trying to advertise a Web cam site, for example,” Wood said. “Even just by clicking on some profiles, they’ve become infected by some kind of Web bug. There’ve been cases of MySpace worms spreading as a result of that, where you click on a link or a profile, and that can automatically open a window to another Web site that’s hosting some malicious content. (MySpace) has tried to step up to the mark and address some of these problems, but by the very nature of a social networking environment, human nature is to click on links without really thinking of what they’re actually doing.”