It appears as if the press-hyped decrease in spam that was predicted to accompany the arrest of the “spam king” isn’t materializing. Check this story by ComputerWorld’s Gregg Keizer.
June 04, 2007 (Computerworld) — Extremely aggressive spam blasts against individual domains, dubbed “spam spikes,” are on the upswing and can disrupt small and midsize businesses as much as a determined attack designed to knock a company offline, MessageLabs Ltd. said today.
In one attack monitored by the U.K.-based security company, a spam run of more than 10,000 messages struck a single domain over an 11-hour period, accounting for 75% of all the messages pointed at the domain.
“The purpose of a spam spike is to defeat appliance-based anti-spam systems that rely heavily on signatures, rather like desktop antivirus software,” MessageLabs said in a report it just published.
“For smaller businesses, these can cause problems for the company’s e-mail servers. A spam spike can have an effect similar to that of a DDoS (distributed denial of service) attack,” MessageLabs said.
May’s data also indicated a continuing trend in targeted attacks that aim one piece of spam at a single recipient. The number of micromanaged spam attacks last month was down somewhat: 595 total e-mails, compared with March’s 716. However, the percentage of those one-off attacks that relied on malformed Microsoft Office documents jumped to 95% from 80% two months before. Sixty-four percent of the attacks used a malicious Word document, while 17% exploited Excel and 14% offered up a bogus or infected PowerPoint file.
Link to Mr. Keizer’s story.