Spam finds new paths into corporate nets

Nearly 58 percent of all spam on corporate networks can be traced to botnets, and social networks are also being more frequently used by spammers

Unsolicited e-mail accounted for 90.4 percent of all messages received on corporate networks during April, an increase of 5.1 percent from a month earlier, according to a report released May 26 by Symantec's MessageLabs Intelligence unit.

The monthly MessageLabs report on threat trends also found that nearly 58 percent of all spam can be traced to botnets.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

Adam O'Donnell, a researcher at Cloudmark, a provider of antispam tools, noted that in addition to using botnets, spammers in recent months have been experimenting with a new way to sneak unwanted email past corporate filters.

Often, he said, a spammer will rent legitimate network services, often in an Eastern European country, and then blast a large amount of spam at the network of a specific ISP. The idea is to push as many messages as possible onto the network before any kind of filtering software detects the incident. O'Donnell estimates that hundreds of thousands of such messages are sent each day without detection.

Social networks are also becoming an increasingly important tool for spammers.

Security experts note that social-networking spam can't be filtered at the corporate firewall and appears to come from friends of the recipients.

This story, "Spam finds new paths into corporate nets" was originally published by Computerworld.