Double byte spam begins to bite email users
22.09.2004
In what is likely to be the latest tactic deployed to fool spam filters, Clearswift’s latest analysis of spam has identified a significant upsurge in spam based on double byte characters — ie spam written in Chinese, Japanese and Korean characters.
While spam written in these languages is unlikely to have a significant impact in Ireland, where only a small minority of people would understand the subject of the emails, the recent rise in this kind of spam suggests spammers may be seeing a high response rate in the Asian territories. This could indicate that more unsolicited mail is actually emanating from these countries, with the spammers specifically targeting Far Eastern countries with localised offers.
Double byte character spam is an effective way of bypassing the majority of spam filters as they are not yet sophisticated enough to analyse the content of spam so written. As a result, and the fact that anti-spam vendors will take time to get up to speed with this new threat, it is likely that this 'spam tsunami' will continue to grow stronger.
"We started seeing this new breed of spam back in June but in the last couple of days of August it was suddenly everywhere," comments Alyn Hockey, director of research at Clearswift. "From almost nothing, these oriental emails have risen to account for 5pc of all spam within the space of a month."
In other security news, a new version of the internet worm MyDoom includes a photo of Netsky worm writer Sven Jaschan and a description of the worm itself.
In the latest bizarre twist in the worm's life cycle, authors included a detailed account of what MyDoom.Y does and how it works. This particular tactic has left antivirus vendors baffled.
The description of the virus included two signatures, Nemog and Zincite. Jaschan, who was charged earlier this year by German police for creating several variants of the Netsky virus, is believed to be responsible for 70pc of the virus infections that plagued internet users in 2004.
In a further development in the ongoing story, the teenage virus writer has been offered a job at a security firm. The firm, Securepoint, says it will teach the ex-malware maker to be a security programmer. The security vendor says it would like to hire the reformed virus author because he had knowledge in the field and deserved a chance to prove himself.
Jaschan's software training may need be put on hold, however, for some months — even years. The teen is currently facing a range of charges, including data manipulation and computer sabotage, which could see him sent to jail for up to five years.
Double byte character spam is an effective way of bypassing the majority of spam filters as they are not yet sophisticated enough to analyse the content of spam so written. As a result, and the fact that anti-spam vendors will take time to get up to speed with this new threat, it is likely that this 'spam tsunami' will continue to grow stronger.
"We started seeing this new breed of spam back in June but in the last couple of days of August it was suddenly everywhere," comments Alyn Hockey, director of research at Clearswift. "From almost nothing, these oriental emails have risen to account for 5pc of all spam within the space of a month."
In other security news, a new version of the internet worm MyDoom includes a photo of Netsky worm writer Sven Jaschan and a description of the worm itself.
In the latest bizarre twist in the worm's life cycle, authors included a detailed account of what MyDoom.Y does and how it works. This particular tactic has left antivirus vendors baffled.
The description of the virus included two signatures, Nemog and Zincite. Jaschan, who was charged earlier this year by German police for creating several variants of the Netsky virus, is believed to be responsible for 70pc of the virus infections that plagued internet users in 2004.
In a further development in the ongoing story, the teenage virus writer has been offered a job at a security firm. The firm, Securepoint, says it will teach the ex-malware maker to be a security programmer. The security vendor says it would like to hire the reformed virus author because he had knowledge in the field and deserved a chance to prove himself.
Jaschan's software training may need be put on hold, however, for some months — even years. The teen is currently facing a range of charges, including data manipulation and computer sabotage, which could see him sent to jail for up to five years.
Categories:
Tags:
Sage Ireland
