News

Spam More Creative, Better Targeted

Thirty years after the first unsolicited e-mail advertisement was sent, the phenomenon now known as spam is continuing to grow -- and becoming more sophisticated, creative and malicious.

Spammers are now "subpoenaing" their victims with official-looking court documents, inviting them to schedule meetings on their Outlook calendars and offering to put them in movies, according to Symantec Corp.'s monthly "State of Spam" report for May.

"During the month of April, 80 percent of all e-mail was spam, with that number jumping as high as 87 percent at times," the anti-virus and online security company reported. Those figures are based on Simple Mail Transfer Protocol-layer filtering at the e-mail gateway and do not reflect the volumes of spam detected at the network layer.

Although any unsolicited and unwanted commercial e-mail can be considered spam, a growing amount of it is fraudulent or otherwise malicious. A growing concern is the practice known as phishing, which uses a variety of e-mail baits to lure victims into providing personal information or downloading malicious software that can steal the information. A subset known as spearphishing is, as the name implies, a targeted attack aimed at specific individuals.

In April, Symantec found an example of spearphishing that appears to be an e-mail notice of a federal subpoena from a U.S. District Court giving a courthouse address and telling the recipient that he or she is "commanded to appear" before a grand jury. The notice also contains a link for downloading the full subpoena, which actually downloads and installs a keystroke-logging Trojan on the victim's computer.

A new wrinkle in the now notorious Nigerian financial scam is the Outlook calendar invitation sent by e-mail. The sender wants to set up a date for paying $106 for the delivery of a package containing $850,000. The sender cautions, "Don't be deceived by anybody to pay any other money except US$106.00." Good advice, as far as it goes.

Instant messaging is also being used as phishing bait. A spam e-mail advertises an online service that will let you find out which recipients are blocking your messages. All you have to do is visit the Web site and enter your user name and password.

As it should be needless to say, the U.S. courts do not issue online subpoenas, it is unlikely that any Nigerian strangers want to send you money, and if anyone asks you for a user name and password from another account, just say no.

About the Author

William Jackson is the senior writer for Government Computer News (GCN.com).

Featured

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

  • Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

    Businesses risk losing up to $87 million a year if they fail to catch up with AI innovation, according to the Couchbase FY 2026 CIO AI Survey released this month.