The Storm Botnet, responsible for the majority of spam email on the internet is now resorting to using URL shortening services made popular by Twitter such bit.ly and tinyurl.com to bypass spam filters.
Spam containing shortened URLs has increased significantly over the last year according to the latest MessageLabs Intelligence Report. These shortened URLs make it harder for traditional anti-spam filters to identify the messages as spam based on the reputation of the domains found in the spam emails.
Further analysis of spam containing shortened URLs revealed that the Storm botnet, which returned to the ‘threat landscape’ in May 2010, is responsible for the greatest volume of botnet spam containing short hyperlinks.
Business owners are warned to be vigilant against a new, malicious phishing attack using PDF Reader Updates as a hook. The attack was seeking to collect its victims’ credit card details. MessageLabs Intelligence had blocked more than 26,000 of these “PDF Reader Update” phishing attacks.
MessageLabs Intelligence also warns of multi-step targeted attacks in which the attacker first gained unauthorised access to a website belonging to one organisation and uploaded a fake landing page with concealed JavaScript containing malicious code. Next, the attacker sent unsolicited emails purporting to be from a webmail account to select recipients at a second organisation. The emails contained a link to the malicious landing page created earlier on the first organisation’s website.
