Spam botnets get smarter, target victims using personal data revealed on social networking sites |
 |
By Staff
21 Dec 2006 | SearchSecurity.com |
|
|
Junk email messages now outnumber real email by almost 10 to 1, but it's not the incredible volume of spam that has security experts concerned -- it's the increasing sophistication of the botnets that send spam, their ability to bypass corporate security nets and the increasing level of social engineering involved in attacks.
Less than 1% of all spam contains some kind of malicious payload, according to MessageLabs. But phishing attempts -- which are designed to trick recipients into revealing financial data on fake Web sites, among other exploits -- make up more than two-thirds of all malicious messages.
Spammers are using social networking sites such as MySpace to harvest the names and addresses of victims, as well as other identifying data such as zip code and street address. That information can make a fake message from a bank, for example, look more real and increase the likelihood that a recipient will fall for the scam.
That level of specificity increases the risk because people are more likely to trust (and fall for) emails that not only appear to have come from their own bank, but also include some level of accurate personal information, according to security experts.
Smishing -- attacks using SMS -- are also becoming more common as consumers increase their dependence on cell phones, VoIP phones and other non-computer IT devices.
The original version of this story appeared on TechTarget's SearchSecurity.com.
|
