The New Wave of Spam

Spam continues to be a pervasive problem that all small to mid-sized businesses must deal with. According to the most recent Symantec Internet Security Threat Report:

• Between July 1 and December 31, 2006, spam made up 59% of all monitored email traffic. This is an increase over the first six months of 2006 when 54% of email was classified as spam.
  65% of all spam detected during this period was written in English.
• Spam related to financial services made up 30% of all spam during this period, the most of any category.
• During the last six months of 2006, 44% of all spam detected worldwide originated in the United States.
• Dealing with spam is a waste of valuable employee time. According to a new study conducted by Nucleus Research, two out of every three email messages received by today's business users are spam. The study also says that users are spending 16 seconds identifying and deleting each spam email, at a cost of $712 per employee in lost productivity, which translates into an annual cost of $70 billion to all U.S. businesses.

In addition, spam often contains offensive material, and can possibly expose the recipient to fraud. Spam also has the ability to consume email servers and negatively impact network performance. Today’s spammers are turning to a new form of spam called "image-based spam," which is not only a means of bypassing anti-spam filters, it also uses a great deal of bandwidth and storage space — commodities that are in short supply in many small and mid-sized businesses.

Image-based spam
"Image-based spam" has become a popular technique among spammers because of its ability to bypass traditional anti-spam filtering technologies. Instead of sending messages as text with or without accompanying images, spammers have started sending messages that are comprised only of images.

Image spam is an unsolicited email message that contains only an image (typically an embedded .JPG or .GIF file). This image is formatted to have whatever message the spammer wants to convey. There might be a picture as well as some "text" in the email; however, the "text" is part of the image. Spammers also try to confuse filters by slightly varying the images in each email. These are subtle changes, like lightening the background or border color, changing margin size, or adding tiny spots to the background. These changes are invisible to the eye (or irrelevant to the reader), but make it very difficult for anti-spam technologies to detect them as a single spam attack since all of their spam "signatures" are different.

Image spam has enjoyed explosive growth recently; in fact, Richi Jennings, senior analyst for Ferris Research, says that the number of image spam emails has increased tenfold (900%) over the past year. Image spam is also a particularly heavy consumer of bandwidth and storage space. While a text-based spam message usually runs 5-10KB, the typical size of image spam ranges from 10-100KB, Jennings said.

Automated spam
Much of the image spam is coming from botnets, a network comprised of PCs that have been infected with a virus in order to allow an unauthorized user to control the computer remotely. Using botnets, spammers can control a large number of compromised computers, which can then be used to launch coordinated attacks. Between July 1 and December 31, 2006, Symantec observed an average of 63,912 active bot-infected computers per day. This is an 11% increase over the previous six-month period. Having the computing power of thousands of PCs at their disposal enables spammers to send out more messages using more creative techniques, and that has likely led to the popularity of image-based spam today.

Looking ahead
Going forward, it looks like small and mid-sized businesses will continue to receive a lot of spam, and the message techniques will continue to change. Spammers will continue their quest to bypass anti-spam filters — not only with image spam, but also using broken images or animated GIFs. In order to protect your email systems, you need an anti-spam solution that utilizes that latest data and constantly updates the filter rules to keep up with the changing nature of spam.

itSynergy has traditionally worked side by side with its customers in the fight against spam, and this month we are finally announcing our eagerly anticipated enhanced spam offering. For those customers that find the free Microsoft spam filter (Internet Message Filter or IMF) to be 'good enough' we are happy to continue working with you to implement, manage, update, and maintain that technology. For those customers that need the more advanced features and quality of a more robust paid solution, we are now offering a managed spam control offering as part of the itSynergize family of services. The advantages offered over the free IMF service are:

• Email processing is moved to an offsite data center meaning your server's resources are only used for valid email.
• Every incoming message is scanned by two separate and independent virus scanning engines.
• Up to 1 GB (more than a month's worth for most customers) of email is spooled in the event your server goes down. You'll never miss another message again, and we guarantee 99.999% uptime which translates to less than 5 minutes and 15 seconds of downtime per year.
• Each of your users receives a daily summary of spam messages. If they see something they want, they just click a link to deliver it. That means your users now look at ONE message per day instead of all the spam that gets through now. It also means YOU don't have to manage what is caught in the filter like you did with IMF.
• All spam is retained for 14 days so even if someone is out on vacation, they can still review their spam when they return and recover anything they need. In fact, even if they have a spam message sent through, it still stays on the servers for 2 days just to make sure you get what you need.

Please contact us today for more information. We can generally have you up and running on this new service in a matter of hours so you'll never have to spend a portion of your day managing spam again.