Spammers getting Smarter, Report Says

Friday, March 23, 2012 @ 04:03 PM gHale


For period of time, junk mail was having a difficult time making it through enterprise spam filters, but not any more as new tests are showing.

During a comparative testing of 20 corporate email filtering products, several missed more than twice as much spam as in previous editions of the Virus Bulletin VBSpam tests.

RELATED STORIES
Reprise for Kelihos Botnet
Botnet Clients Integrate Exploit
New Botnet Goes to Market
Malware has Bots Acting as C&C Server

Virus Bulletin officials said the drop in performance might come down to improved tactics by spammers rather than a dip in the capabilities in the filtering products.

“This is a worrying trend,” said VB’s anti-spam test director Martijn Grooten. “There have been many news stories highlighting a global decline in spam in recent months, but if spam filter performances decline too, the situation for the end-user doesn’t improve at all.”

“It is hard to say what exactly caused filters to miss more spam, but it looks like spammers are doing a better job at avoiding IP- and domain-based blacklists. It may be a sign that they are increasingly using compromised legitimate systems to send their messages,” he said.

The best performance in the March 2012 anti-spam comparative review came from Libra Esva, which blocked 99.97 percent of all spam messages without blocking any legitimate mail, making it the only product to obtain the new ‘VBSpam+’ award.

Other products with a good spam capture rate of better than 99 percent included Kaspersky Anti-Spam, GFI, McAfee, Symantec, Sophos and others. BitDefender caught 98.94 percent of spam but it avoided any false positives. McAfee SaaS caught 99.93 percent of junk mail but it binned a significant proportion of legitimate messages, 0.21 percent (the worst performance among the tested products).

Most products still blocked more than 99 out of 100 spam emails, and no product incorrectly marked more than 1 in 470 legitimate emails as spam.

“More spam means more time wasted dealing with it, a greater chance of falling for scams, and a greater chance of accidentally deleting legitimate emails,” the report said.



Leave a Reply

You must be logged in to post a comment.