For anyone who thought the spam slowdown that followed the shutdown of rogue ISP 3FN was still going on, Google has some bad news for you.
In its report on spam during the second quarter of 2009, Google found that spam continued to tick upward, experiencing a short-lived but significant drop when 3FN was dismantled. Following the takedown, spam dropped 30 percent before recovering, climbing 14 percent after the initial drop.
“‘Unpredictability’ summarizes the overall trend as Q2 ’09 winds down and spammers test both new and ‘retro’ techniques,” blogged Amanda Kleha of the Google message security and archiving team. “For example, on June 18 we tracked a new attack that unleashed 50% of a typical day’s spam volume in just two hours’ time. This attack used a simple ‘newsletter’ template—somewhat ‘old school’ by today’s spam standard—with malevolent links and images inserted into the content.”
Google detected more than 11,000 variants of this spam during those two hours. Distribution lists were reportedly hit hard by the attack due to the fact that the spam enabled spoofing of the recipient domain.
Overall, spam increased 51 percent during the month of June, according to MX Logic. Its report puts spam as an overall percentage of e-mail volume to be at its highest point since December 2006, when it says image spam was at its peak.
While image spam may have declined somewhat in popularity overall, several vendors have reported it as making something of a comeback in the past few months. Both Symantec and IBM’s X-Force noted an increase in May.
Google also noted a resurgence in image spam, though the firm was not able to answer definitively what was behind it. While one theory holds that spammers are testing the defenses of different filters out there, there is also speculation that there may be some new players entering the spam business opening up with a salvo of tried-and-true techniques.
June was also an active month for viruses sent as e-mail attachments, with volumes rising to their highest level in almost two years, Google reported. The month’s activity is almost as high as the two-month payload virus surge seen in the third quarter of 2007, Kleha wrote.
“In summary, Q2 ’09 saw continued unpredictability and the resurgence of old-style spam attacks,” Kleha blogged. “Are spammers finally running out of original ideas? And if so, like Hollywood, are we now starting to see spam ‘remakes,’ based on originals of a few years ago? And what are spammers looking to accomplish as they unleash these remakes? Only time will tell.”