No longer is spam just a way to sell pornography or cheap pills. Spam messages are being used to install malicious software, and for a targeted form of spamming called spearphishing that has become a particularly effective hacker technique. A spearphishing attack opened the door to RSA security and helped hackers to compromise the security of RSA's SecurID tokens.
Spammers may be getting more crafty, too.
"There has been a decline in what we're getting in our traps, but what we're seeing that's out there is smarter spam," said Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham. Warner helped set up a massive database at the university that vacuums up as many as a million spam messages per day.
Take Feb. 14, for example; Valentine's Day. Instead of the usual Viagra or Rolex spam, Warner saw a flood of messages advertising a legitimate florist -- FTD. That's a more targeted form of spam than what his team would typically have seen a couple of years ago. And the spammers were directing people to a legitimate Web site -- FTD Flowers -- making their money from Web marketing referral fees. If the spammers succeeded in reminding just a few absent-minded spouses to order flowers, they could make money
Another example of smart spam? Those strange emails that come from friends, telling you to visit an online pharmacy or watch a video. Criminals break into Hotmail or Gmail accounts and send messages to every one of the victims' mail contacts before anyone realizes. This type of spam -- sent between two people who know each other -- is much more likely to evade filters.
Scammers have taken this game to Facebook, YouTube, and Twitter too. Sometimes they send @messages to their targets. Other times they hack into an account and use it to send out their messages. That's what happened last week to "Shaun of the Dead" actor Simon Pegg's Twitter account. It was used to spam out a Trojan horse program disguised as a screensaver to his 1.2 million followers.
The hunt for new ways to pump out unwanted messages is a natural evolution. Old fashioned e-mail isn't the ubiquitous connector it once was. According to the Pew Center for Internet Life, young Internet users shy away from e-mail, preferring texts and instant messages. Pew's December 2010 Generations report on Internet usage found that 70-year-olds are now more likely to use email than teenagers.
Sign up for Computerworld eNewsletters.