It's a dubious achievement, but Canada's reputation as a place to buy cheaper drugs has been co-opted by spammers who recognized that using the "Canadian Online Drugstore" subject line was a powerful lure — it was the second-most popular spam subject line in 2006.
So found IBM Internet Security Systems X-Force research and development team in its 2006 security statistics report.
Not surprisingly, IBM also discovered that spam rose 39.5 per cent in 2006 over 2005 levels, and that image-based spam accounted for more than 40 per cent of spam messages in 2006, presenting one of the biggest challenges for spam fighters.
More alrmingly, IBM also recorded 7,247 new vulnerabilities in 2006, an average of 20 new vulnerabilities per day, an increase of almost 40 per cent over 2005. More than 88 per cent of last year's vulnerabilities could be exploited remotely, and more than half of them allowed attackers to gain access to a machine after exploitation.
IBM also warned of a continued rise in the sophistication of profit-motivated cyber attacks, including an increased focus on the Web browser and advances in image-based spam.
Dividing the vulnerability spectrum into high-impact and low-impact threats, IBM did come up with some good news, predicting a drop in the percentage of high-impact vulnerabilities. IBM director of security Gunter Ollmann said that in 2005, high-impact vulnerabilities accounted for about 28 per cent of total vulnerabilities, while they only accounted for 18 per cent in 2006.
IBM also said that the sale of exploit material is becoming even more organized and is increasingly taking the shape of the channel sales model used by legitimate corporate entities. Managed exploit providers are buying exploit code from the underground, encrypting it so that it cannot be pirated, and selling it to spam distributors. The organized development and sale of encrypted exploit code will make signature-based protection even less effective in 2007.
But if the sophistication of image-based spam techniques continues to rise, image-based spam will soon drop out of favour, another security expert predicts. Image spam is usually a large image with its message printed in wavy typefaces, which spammers have been using to foil optical character recognition spam filters. The technology is called Completely Automated Public Turing test to tell Computers and Humans Apart, or CAPTCHA.
A system of spam filtering, called the Bayesian algorithm, which can be found on the Internet for free, can stop the flood, Informatica Corp. president Claudiu Popa told Canadian Technology News this week.
Image-based spam has a "limited window of opportunity," he said, and the "Bayesian algorithm uses artificial intelligence to see patterns in spam e-mail, so once you get your second CAPTCHA-type e-mail, this program will learn to recognize it. They all tend to look the same — one big image with nothing much in it — and it will drop it into a spam folder."
The IBM report also discovered that:
— Within the past year, the volume of spam has increased by 100 per cent over 2005.
— The United States, Spain and France are the three largest originators of spam worldwide.
— After English, German is the most popular spam language
— The most popular subject line for spam in 2006 was "Re: hi."
— The most popular exploit used on the Internet to infect Web browsers with malware was for Microsoft's MS-ITS vulnerability (MS04-013), disclosed in 2004.
— The busiest month in 2006 for vulnerability disclosure was June, while the busiest week was the week before U.S. Thanksgiving and the most popular day of the week to disclose vulnerabilities was Tuesday.
