MessageLabs: Watch out for audio and video spam

Spammers are experimenting with different media formats and even hosting content online, the security company has warned

Email security company MessageLabs has warned that spammers are already modifying their tactics when it comes to the emerging trend of using audio rather than text attachments in unsolicited mail.

In a statement, MessageLabs claimed that, following the first spam campaign involving audio files on 17 October, which attempted to control the value of stock for "nefarious reasons", spammers are now moving on from simply attaching audio to mail to linking through to content hosted on multimedia sites such as YouTube.

"This recent trend proves that spamming techniques are becoming more innovative," said MessageLabs in its statement. "As image spam shifts from email attachments to images on free image-hosting sites, [we] believe that it is only a matter of time before the spammers apply the same approach to audio spam and upload the message to free multimedia-hosting sites, such as YouTube, Google Video, [and] MySpace."

On 17 October spammers used attached MP3 music files to try to "sneak messages past spam filters", said MessageLabs. The spam run of 15 million emails lasted 36 hours and used Storm worm-infected computers for the purposes of dissemination, MessageLabs said.

The MP3 file names were music-related, including files called "beatles.mp3", "britney.mp3" and "elvis.mp3". They contained a poor-quality, 25-second voice track promoting a stock offering from Exit Only Incorporated for its website. The spam did not contain any detected malicious code.

The voice was synthesised using a low compression rate of 16kHz to keep the overall file size small, at around 50KB, in order to avoid detection. Paul Ducklin, Sophos's head of technology for Asia-Pacific, told ZDNet Australia that the voice sounded like a female version of "Marvin the Paranoid Android", a character from The Hitchhiker's Guide to the Galaxy.

According to MessageLabs, spammers have recently been experimenting with different types of file attachments, including text, image, HTML, ZIP, RAR, RTF and PDF file formats.

"The MP3 spam tactic is a natural progression for cybercriminals following runs of image, PDF and Excel junk mail earlier this year," said Mark Sunner, chief security analyst for MessageLabs. "As users become wary of certain file attachments, scammers will move on to their next tactic."

Sunner also predicted that video spam and PowerPoint presentations would become "the next format du jour".

Earlier this month, Sophos reported that spammers were exploiting YouTube's "invite your friends" function to send email spam containing a variant of the Storm worm.