Spammers using Google Sites to bypass filters

Junk emailers are using Google Sites to create web pages that can help spam get around corporate filters, according to MessageLabs
Written by Matthew Broersma, Contributor
Spammers have added Google Sites to the arsenal of online tools used to get around junk-email filters, according to a study published on Tuesday by messaging security firm MessageLabs.

Spammers had already been making use of Google Docs, Google Page Creator and Google Calendar as spam-hosting facilities, but Google Sites is a recent addition, according to the MessageLabs Intelligence Report for July 2008. Junk emailers are using the tool to automatically create web pages with names composed of a string of random numbers and letters, resulting in an address that is more difficult for signature-based anti-spam tools to block, MessageLabs said.

The Google Sites abuse indicates that spammers are becoming more advanced at getting around the Captcha (Completely Automated Public Turing test to tell Computers and Humans Apart) mechanisms used to defend against the automated sign-up tools frequently used by junk emailers, said MessageLabs' chief security analyst, Mark Sunner.

"While Google Sites spam accounts for only one percent of all spam currently, we anticipate that this technique's popularity will rival that of its predecessors: Google Docs, Calendar and [Page Creator] spam," Sunner said in a statement.

The report found that the number of new, malicious websites blocked each day has increased by 91 percent, from 2,076 in June, to a daily average of 3,968 in July, with the increase largely due to websites linked to SQL injection attacks. This particular form of web-based threat is now at record levels, MessageLabs said.

The study found a new form of spam that is generated by botnets controlled by the Storm worm. The spam automatically downloads a rogue anti-spyware program called Antivirus XP 2008. The program displays a false list of malware infecting the user's system and demands the purchase of a license.

Out of all the web-based malware intercepted in July, 83.4 percent was new, MessageLabs said.

Analyzed by the industry sector of the organization receiving the junk email, MessageLabs found that spam levels have actually decreased for all except the non-profit sector, in which spam rose by 5.8 percent to account for 82.2 percent of all email.


Editorial standards