RealTime IT News

Spammers Find 'Healthy' New Tactics With Acai

Spammers are opportunistic. Recent spam threats used Swine Flu and the tax season to entice victims to click on bad links.

Users are familiar with spam peddling erectile enhancement medication, and many know they won't get anything if they try to buy by clicking on a link in a spam e-mail.

That has not stopped the spammers, now they have a new product: an Acai dietary supplement, Acai Power Slim. "Pushing dietary supplements is an age-old spamming tactic, but this latest run puts a new spin on these familiar spam messages as the bad guys capitalize on seasonality and a hot trend in nutrition," said Paul Wood, MessageLabs Intelligence senior analyst, in a statement.

He added that the spam is coming from the Cutwail botnet, one of a new wave of botnets.

It's baaaack: The return of image spam

The Acai ads are image spam, and Symantec's latest State of Spam monthly report for May, 2009 says that image spam is making a comeback, increasing from around 5 percent of all spam at the start of April to over 20 percent by month's end.

The report notes that the return of image spam means that spam e-mails will be larger. The percentage of spam messages that were over 10 Kb in size was 8.7 percent by month's end, rising from 5.7 percent at the start of the month.

Image spam tends not to have an e-mail link and this may help them penetrate spam filters. The report says that many images tell users to type an e-mail address into their browser rather than click on a link.

A report from MessageLabs Intelligence said that spammers are also using HTML tag obfuscation, putting meaningless text within HTML tags to confuse filters. Users don't see the hidden text.

Spammers can track every e-mail. Some spam messages that do contain links use redirection codes so that someone clicking on the link goes to one Web site before being redirected to the target site. "It's believed that this may be used by spammers to track the usage of each domain, perhaps in order to identify its longevity and effectiveness over time," said the MessageLabs Intelligence report.

In the case of the Acai drinks, the target Web site is in Russia, the company said.

Symantec's report said that health spam is the second most prevalent spam category after attacks offering Internet services such as Web hosting, Web design -- and spamware.