CAPTCHA Breaking Tools Lead to MobileMe Spam Attacks

MessageLabs Intelligence Report for October 2008 highlights the increase of spam blogs on Google Blogspot and a rise in spam sent using fake Apple MobileMe accounts as a result of spammers finding it easier to obtain CAPTCHA breaking tools. A CAPTCHA is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. To maximize the use of the fraudulent MobileMe email addresses, spammers link them with fake accounts created on social networking sites.

“With the exploitation of Google Blogspot and MobileMe, we are again seeing two common spamming practices converge — CAPTCHA breaking techniques and exploitation of free hosted services,” said Mark Sunner, Chief Security Analyst, MessageLabs. “The spammers are now taking it one step further and experimenting with the capabilities of social networking sites, like Bebo. As a result, users of social networking sites are receiving more buddy requests from fake profiles wishing to connect.”

Halloween again remained an opportunity for spammers to distribute appropriately themed spam. This year, the spammers advertised Halloween sales in the subject lines of traditional spam emails touting herbal remedies and sexual enhancement drugs. This type of spam was part of a larger campaign that made up about one percent of spam using the same body message in each case. Halloween was one of many subjects used in this campaign which originated from the Srizbi botnet.

Also in October, MessageLabs saw an increase in phishing attacks spoofing banks as the global credit crisis worsened. Between September and October, the volume of phishing attacks rose by 103 percent as scammers sought to take advantage of the confusion surrounding potential mergers and bailouts.

In October 2008, the global ratio of spam in email traffic from new and previously unknown bad sources was 69.7 percent (1 in 1.43 emails), a decrease of .4 percent on the previous month. “Now is the time that spammers are taking advantage of the headlines and holidays to catch PC users with their guard down,” Sunner said. “It is very possible that this month’s spam is just an appetizer to what will ensue in the coming months. The spammers are just getting warmed up.