[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Tuesday, 26 December 2006, 00:35 GMT
Spam surge drives net crime spree
By Mark Ward
Technology Correspondent, BBC News website

Windows XP on shop shelves, PA
Windows is the favourite target of malicious hackers
The tussle between computer security companies trying to protect your PC and the bad guys that try to compromise it is often characterised as an arms race.

Sometimes the security companies have the upper hand as they develop and deploy novel techniques to spot and stop malicious software of all stripes.

And sometimes, such as in 2006, the bad guys are on top. And nowhere has this been more apparent than in the realm of that old favourite - spam.

In the closing months of 2006 spam volumes jumped enormously. According to e-mail filtering firm Postini, spam volumes increased by 73% in the three months to December.

"92.6% of all e-mail messages are spam," said Dan Druker, spokesman for Postini. "That's the highest it's ever been."

Other e-mail security specialists have not reported such big leaps in junk mail volumes, but all say that they are seeing more spam than ever before.

Jump in junk

The type of spam being sent has also changed, said Mr Druker. In 2004 only a small percentage of junk mail messages had images in them. Now, said Mr Druker, the figure is 25%.

"A lot of spam is in the form of images and HTML documents that are designed to get beyond the filters," he said.

Mouse and keyboard, Eyewire
Attackers rely on hijacked home PCs to send out spam and viruses
Filters are good at analysing plain text to spot the tell-tale signs of spam but they struggle if the text is in an image. Techniques are being developed to help them read images but none are widely deployed yet.

Spammers are also turning out more variants of their messages than ever before. This is because tweaking the text in small ways can help to fool the anti-spam filters and get the messages through.

Dave Marcus, security research and communications manager for McAfee's Avert Labs, said some of the other reasons behind the rising tide of junk mail provided a good summary of how the digital underworld had developed in 2006.

To begin with, he said, the software tools that hi-tech criminals use to put together spam runs and craft their messages have in the last 12 months got much easier to find and use.

The bad guys have also got a lot better at managing the platform they use to send junk mail, he said. Increasingly, said Mr Marcus, junk mail is routed through home PCs that have been hijacked by viruses or booby-trapped webpages. Networks of these remotely-controlled computers, or bots, are called botnets.

"80% of spam is shot out through botnets of some form," said Mr Marcus.

Home help

Attackers are also getting better at recruiting PCs to botnets and stopping their owners finding out that their machine has been compromised and is being used to send out junk mail or malware.

Palyh virus in e-mail inbox, BBC
Mass-mailing viruses are a distant memory, say experts.
The most popular way of recruiting a PC to a botnet is by getting its owner to click on the booby-trapped attachment on an e-mail. In a bid to catch more people out, virus writers are turning out more variants of their creations.

No longer do they just send out millions of copies of the same virus or malicious program. This has led to an explosion in the number of viruses and variants in circulation.

"We are seeing 150-200 new pieces of malware every day," said Mr Marcus.

The creators of the malicious software were pumping out variants, said Mr Marcus, to defeat anti-virus companies by overwhelming them with novelties they have to investigate, analyse and warn their customers about.

Paul King, a senior security advisor for Cisco, said it also showed said how malicious software was becoming more targeted.

Gone, he said, were the days when millions of e-mail addresses got the same virus. Now the viruses and trojans are being customised to catch out as many people in a target organisation as possible.

"There's less focus on what is the top virus," said Mr King, "to be quite honest it does not really matter because the criminals just do what works."

The problem for many organisations was spotting threats that only they are being hit with.

"Those types of threats are not going to be on anyone's radar," he said.

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific