Large enterprises still serving up spam

Well-known enterprise companies are still having their IT systems hijacked by spammers despite investing in many different types of technologies aimed at stopping the problem.

Last week, researchers at network security company Support Intelligence isolated an IP address within insurance giant Aflac that was being used by spammers to distribute mass amounts of e-mail messages, most of which were related to erectile dysfunction.

Over the course of a 24-hour period beginning on April 10, researchers at Support Intelligence and the SenderBase project estimated the volume of spam being distributed from the affected Web server, much of which included a pharming attack, jumped by more than 750 percent.

Once informed of the problem, representatives at Aflac said they began work to shut down the rogue spam source, but researchers said that the incident further illustrates the problems that many enterprises are still facing in battling spam.

As spammers have begun tapping into botnets controlled by other parties and found new methods for distributing their work via hijacked computers, the issue has only intensified, said Rick Wesson, chief executive of Support Analysis.

In the last month alone, Wesson's company has publicly detailed similar waves of spam emanating from a list of high-profile businesses, including 3M, AIG, and Thomson Financial, and the executive claims to have found similar campaigns coming from within blue chip companies, including Best Buy, HP, Intel, and Toshiba.

No matter how large the company and how much it has spent on anti-spam tools, he said, the issue remains a daily struggle.

"These companies are spending tons of money on security, but it shows that like some diseases within the human population, spam has become something that cannot be stamped out completely," said Wesson. "Companies shouldn't be ashamed about talking about it because it is happening to everyone; the financial models and the channels into IT operations for spammers are established, and it's not a problem that is going away."

The dilemma isn't that businesses aren't doing enough to fight spam, according to the security expert, but rather that the technology products they use include so many hidden code vulnerabilities that allow the spammers and botnet operators to sneak in.

The best examples of this problem are the handful of unpatched zero-day vulnerabilities that have been reported in Microsoft products in the last several months, according to Wesson. Spammers simply wait for new flaws to be exposed in popular products and begin assailing organizations with new threats that allow them to gain control of affected systems, he said.

After that it's simply a matter of using any compromised hosts to send out e-mail.

"What this says to me is that when large national insurance companies are still having this problem, all of Middle America does too," said Wesson. "If big business is not capable of beating this problem, SMBs must be getting absolutely killed by it."

Reached for comment, Aflac representatives indicated that they had not been made aware of the reported spam campaign before hearing about the event from researchers.

Company officials declined to comment further on the issue of spambots in their midst but said the incident has not led to any more serious security problems, such as a customer data breach.