What will they think of next?

Feb 12, 2008 16:36 GMT  ·  By

Sophos warned yesterday against the latest means that spammers came up with in order to bypass the filters every email service has erected. Suppose music files from well-known artists, such as Elvis Presley, Fergie and Carrie Underwood, are just some of the names who were associated to the malicious emails.

To nobody's surprise, the files attached were not actually music files, but audio of some monotonous voice encouraging people, over and over, to buy shares in a little known company. As crazy as it might sound, it's something that's been used for a long time, the repeating, because it is annoying, will force your brain to store the name of the company somewhere and there's the off chance that one recipient would actually not remember where he heard it and comply to the MP3 request.

Some other facts discovered by Sophos is that Russia has emerged as a Spam superpower, being responsible for 8.3 percent, or 1 in 12 of all the unsolicited emails received. Still, ahead of the pack is the US, which accounts for 21 percent of the 'highly regarded' messages, and in third comes China, lowering the bar at 4.2 percent.

On a continental ranking over the last quarter of 2007, Asia reigns supreme with its 32 percent, ahead of Europe's 27% and North America's 26.5%. Interestingly enough, Europe got propelled in the first position in January 2008, benefiting from the Storm botnet alleged base somewhere in European Russia.

Mike Haro, a senior security analyst at Sophos, told Mail & Guardian Online that "Countries that continually remain among the top spam-relaying countries need to ensure that they are doing more to proper defend computer systems. [?] If they continue to sit back as compromised computers spread malicious emails and malware, then hackers will continue to look at these systems as easy targets in their efforts to turn them into botnets."

He then pointed out that the recent celebrities' fake songs being sent with spam are just a measure of the diversity of attacks that cyber criminals will attempt in the future.