Spammers are increasingly looking to
use web-based services in order to beat the antispam protections in
security software, according to research from Virus Bulletin.
The security research and testing firm is
reporting that its latest anti-spam study revealed that rather than
rely solely on malware-infested PCs and botnets to send spam emails,
cybercriminals are taking advantage of web hosting firms to send
unsolicited messages.
Overall, researchers have found that the
web-based messages were slightly more successful at evading security
tools, thus giving the spammers a slightly better chance of getting
users to view and follow their spam messages. In a high-volume market
such as spam marketing, the higher failure rate can make a big
difference for the success of a campaign.
“The report shows that well over one
percent of spam sent from web hosts manages to bypass spam filters,
compared with less than 0.3 percent for spam sent via other means,” said
Virus Bulletin anti-spam test director Martijn Grooten
“Of course, one percent still means the
vast majority of messages are blocked, but with spam campaigns easily
running to millions of emails, this difference can make or break the
campaign for the spammer."
Overall, the report found that anti-spam
tools are highly-effective for keeping junk mail out of customer
inboxes. Of the products tested in the report, all blocked more than 97
percent of spam messages while maintaining a false positive rate less
than 0.25 percent.
Among the top performers in the test were
BitDefender and Fortinet. Researchers also noted that LibraEsva,
Kaspersky and OnlyMyEmail achieved detection rates above 99 percent
while minimising false positive rates.
No comments:
Post a Comment