PDF & Image Attachment Spam – The New Problem with E-mail

Use Netsparker


The spam landscape has changed quite a lot in the last year or so with image spam and now the latest tactic is PDF and .zip attachments.

PDF’s of course being preferred by spammers as you don’t need to extract anything to view their spam, you just open it in your favourite PDF viewer and read all about viagra and cialis!

Of course there was some nasty exploits in PDF recently aswell with some other XSS issues associated.

Anyway the point is GFI has recently released a new white paper exploring PDF spam, which describes how spammers have changed their spamming tactics over the years and how the common PDF file format has been adopted to send image spam.

This white paper explains what makes spam such an unbearable problem and how spamming tactics are evolving daily to beat anti-spam software. In the space of two months, spammers have switched from image spam to using PDF, Excel and ZIP file attachments. By using these attachments to send images instead of embedding them in the body of the email message, spammers have taken the cat-and-mouse game with anti-spam software developers to a new level.

It’s quite an interesting read.

The white paper is freely available for download here:

Attachment spam – The latest trend [PDF]

No registration is required to access this white paper.

If you have any questions about this subject, GFI has said we can ask them anything we want about this subject – so we can basically conduct an interview online about image/pdf/attachment spam and spam fighting measures in general.

So, if you have any questions just leave them in the comments, or if you feel they are too long – use the Contact Darknet form.

Thanks!

Posted in: Spammers & Scammers

, , ,


Latest Posts:


testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.
HTTrack - Website Downloader Copier & Site Ripper Download HTTrack – Website Downloader Copier & Site Ripper Download
HTTrack is a free and easy-to-use offline browser utility which acts as a website downloader and a site ripper for copying websites and downloading them for offline viewing.
sshLooter - Script To Steal SSH Passwords sshLooter – Script To Steal SSH Passwords
sshLooter is a Python script using a PAM module to steal SSH passwords by logging the password and notifying the admin of the script via Telegram when a user logs in.


4 Responses to PDF & Image Attachment Spam – The New Problem with E-mail

  1. TheRealDonQuixote August 17, 2007 at 7:38 pm #

    hmm, now I’m afraid to open the O.J. “If I Did It” leaked PDF somebody emailed me. I better triple scan it.

    If I could ask one question from GDI, it would be, “How can we actively fight back against these spammers and scammers? The email headers are bounced all over the place and the mail exchange servers seem to be legit businesses. Is there any way to make a vacation responder or something that would spam them right back?”

    I know there was a push to try and do this legally on a larger front, although I forget the name of the project, but I wanna know hot to do it on my own just to be naughty.

  2. Sarah August 24, 2007 at 1:55 pm #

    Reply to TheRealDonQuixote>

    When dealing with spam/scam issues, replying back to the actual message might very well be one of the worst options.

    Since a large portion of these kind of emails are sent using a forged sender address, a reply may effectively be going to an innocent person generating what is called backscatter or outerscatter. Systems that generate a lot of backscatter may end up being blacklisted themselves in the process.

    The best way to combat spam, including the latest PDF spam technique is to use a server based anti spam solution.

  3. TheRealDonQuixote August 25, 2007 at 12:28 am #

    @ Sarah
    I’m sorry if I miscommunicated something in my question. I know not to reply to any spam for all of the reasons you listed, plus you may wind up verifying that your email address is real and incur further spamming.

    I was aiming at being more like a digilanti, all V for Vendetta style. Something a little more dark and dangerous. You know, hacking!!

    We all know that you can peak at a message header to see where the spam/scam might be routed through, as well as checking domain names and other basic net sleuthing. However, its like begging for an RSI to do all that manually. And once you have any pertinent information, if any at all, what can one do with it? Is there a list to check against for spammers and scammers? Then what? Herd computing? Bot nets? A group of uber naughty white hat garden gnomes that already do this type of backhacking?

    What I am really looking for here is a way to f**k with these guys when I’m bored. Why? Cause … hey everybody has a hobby!! ;)

  4. Sandeep Nain August 31, 2007 at 2:25 am #

    Well I must say this spam thing is increasing day by day and we need to fight against spammers…

    Now this PDF and Zip file spams gonna be really hard to identify till you open the file… ufff.. either you gonna loose some important emails or you end up wasting time on opening each emails…