Spam is once again on the rise, and this time it’s apparently being fueled by spam vendors that can’t scale. That’s the accusation being leveled by Google, which today revealed some surprising new spam figures.
The fight against spam has increased in traction for Google (NASDAQ: GOOG) with the acquisition of vendor Postini for $625 million last year.
Time of year plays a role in the increased volume of spam seen in July, according to Sundar Raghavan, a product marketing manager with the Google Apps Security & Compliance team
“Historically every summer there is increased activity in terms of spam volume, but the sophistication they are using this time around seems to be more robust,” he told InternetNews.com.
“Between July and August we have started to see a very interesting pattern in term of volume and sophistication of e-mail threats incoming,” Raghavan said. “Around July 20 we started seeing a spoofed UPS tracking e-mail messages going to users. On July 24 saw a peak of 10 million messages.”
The UPS tracking message was a phished e-mail that led its victims to a spoofed page that could have infected users. What makes the new spike in spam noteworthy according to Raghavan is actually the message content.
Though the phished UPS (NYSE: UPS) message had a lot of traffic, more topics in general are being used in phishing messages seen by Google.
“Cross Site Scripting messages have been around for a while, and typically it’s a generic message,” Raghavan said. “This time around they’ve figured out how to harvest the most current titles as bait, and the underlying link is also changing.”
According to Raghavan, the pattern was a common topic linked to one or two servers but massively distributed. “Now we’re seeing multiple topics each one linked to different servers,” he explained.
Raghavan noted that topics for many spam e-mails are being ripped right from CNN headlines. On the sending end, Google engineers are still trying to pinpoint where all the traffic is coming from, but it’s a difficult task. Much of the e-mail is being sent from massive geographically diverse botnets that are constantly changing.
The spike in spam so far this summer has not been driven by any particular holiday or event. Raghavan specifically noted that as far as he was aware the Summer 2008 Olympics in Beijing was not being used on a broad scale as a spamming topic. Other security firms have recently argued otherwise.
“We didn’t see any exploits — our security team was on the ball on this [DNS] from the get-go,” Raghavan said.