Web hosted spam and email-borne malware
Over the last week or so there has been an outbreak of a new type of email-borne malware. The latest wave of the notorious Storm malware is being distributed via emails that appear to be ecards sent by family and friends. The link to view the card leads users to a malicious website that attempts a drive-by malware download.
By hosting the malware on websites, virus writers slip past AV defenses that look for suspicious executables within the message. In this case there is no virus attached to the message itself, so it appears ‘uninfected’. This tactic is similar to a development we saw with image spam earlier this year. As the anti-spam industry got better at filtering spam images, spammers started hacking innocent websites and posting spam images there, then mass-distributing email with a link to the hosted spam image.
These developments bring two points home:
• Email, the most popular distribution method for both spam and malware, is under attack
• True email security needs web awareness
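To make the second point concrete, here is an added example (not code from the original post) that contrasts an attachment-only check with a link-aware check on a constructed ecard-style message. The sample message, the hostnames and the `BAD_HOSTS` reputation set are assumptions made up for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
# Hypothetical reputation feed (constructed hostname, reserved .example TLD).
BAD_HOSTS = {"ecards.bad-host.example"}

# Constructed sample: ecard-style lure that carries a link and no attachment.
SAMPLE = """\
From: friend@example.org
Subject: You have received an ecard
Content-Type: text/html; charset="utf-8"

<html><body><p>A family member sent you an ecard.</p>
<a href="http://ecards.bad-host.example/view?id=123">View your card</a>
</body></html>
"""

def attachment_findings(msg):
    """What an attachment-only scanner sees: executable attachments."""
    return [p.get_filename() for p in msg.walk()
            if (p.get_filename() or "").lower().endswith(EXEC_EXT)]

def extract_urls(msg):
    """Collect http(s) URLs from every text part (plain and HTML)."""
    urls = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            text = payload.decode(part.get_content_charset() or "utf-8", "replace")
            urls += [u.rstrip(".,)") for u in URL_RE.findall(text)]
    return urls

def web_aware_findings(msg, bad_hosts=BAD_HOSTS):
    """Flag links to known-bad hosts or directly to executable files."""
    hits = []
    for url in extract_urls(msg):
        parsed = urlparse(url)
        if parsed.hostname in bad_hosts or parsed.path.lower().endswith(EXEC_EXT):
            hits.append(url)
    return hits

if __name__ == "__main__":
    msg = message_from_string(SAMPLE)
    print("attachment scan:", attachment_findings(msg))
    print("web-aware scan:", web_aware_findings(msg))
```

The attachment check finds nothing in the sample, while the link check flags the hosted page; in a real filter the static set would be replaced by a live URL reputation or web-scanning service.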