» Business » PDF spams give security tools the slip

PDF spams give security tools the slip

July 17, 2007 02:36 IST

Just when you thought all the dirt bag tricks had been tried with email spamming, there comes another form of spam, PDF spams that cannot be filtered by the existing set of security tools.

Beginning to take image spam's place is PDF spam, where a spammer sends an e-mail message with a PDF attached, unreadable by most spam filters, convincing the recipient to list it as a legitimate mail.

Security vendors have indicated two types of PDF spamĀ -- a professional-looking PDF of a newsletter pumping a German company's stock that security company IronPort says was sent more than 5 billion times in its first few days and a more rudimentary PDF attachment containing text that pumped a stock, which Symantec claims was sent to more than 30 million users over 10 days in late June.

Image spam continues to decline, to an average of 14.5 per cent for the month of June, security vendors list, from 27 per cent and 37 per cent in the months of April and March respectively. At its peak in January 2007, Symantec estimated that image spam accounted for nearly 52 per cent of all spam.

According to Srikiran Raghavan, regional sales head, RSA, the security division of EMC, "Beginning to take image spam's place is PDF spam, where the spammer sends an e-mail message with a PDF attached."

The PDF file (the latest spam attack identified by security vendors) is a 'German Stock Insider' report for a stock in a company called Talktech Telemedia that is listed on the Frankfurt Stock Exchange.

Raghavan says, "This German company's stock was sent more than 5 billion times in its first few days."

The document claims that the stock is trading at a 'huge discount' and is expected to go up by some 300 per cent within a few trading sessions.

Such schemes attempt to lure people to buy up a stock, pumping its value and interest; then the scammer sells the stock at the higher price and leaves hapless investors with an essentially worthless stock. Andy Norton, director, product management marketing, IronPort adds, "Last month was the biggest month of the year for spam, just over 70 billion messages per day."

An escalation in similar stock market spams in the garb of PDF mails highlights vulnerabilities of security tools in weaning out illegitimate PDF files.

"This could mutate into PDF files carrying malware that can be downloaded on to the recipient's computer," warns Kartik Shahani, director (sales), McAfee.

Priyanka Joshi in New Delhi