By Andy McCue, 19 October 2007 11:57
NEWS
An outbreak of pump-and-dump email spam this week is using bandwidth-sapping MP3 voice file attachments to promote certain stocks.
The MP3 attachments, which range from around 85KB to 147KB in size, feature a poor sound quality audio blast with a barely audible synthetic female voice promoting a specific stock. The voice is heavily distorted to avoid detection by signature-based anti-spam security.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
Email security company Email Systems said it detected a global outbreak of MP3 spam from late evening on 17 October and that it is currently responsible for around 10 per cent of all spam worldwide.
No viruses or Trojans have been detected in any of these attachments yet and Malta-based security company GFI Software has recorded an example of this MP3 spam here.
Most of the emails have no content in the subject line with just "Fwd:" or "Re:" and no message content. The email attachment filename varies from something personal such as "weddingsong.mp3" or a particular music artist such as "bspears.mp3" or "beatles.mp3".
David Vella, product manager for GFI Software, told silicon.com: "We think it is running through zombie botnet hijacked PCs which are sending this type of new spam."
He said the danger for businesses beyond the annoyance factor is bandwidth usage and clogged email inboxes. But Vella doesn't expect this type of spam to become a major threat.
He said: "My feeling is this won't make it to the level that image spam has. I don't think it will be a big problem."
Comments
There are 2 comments. Join the discussion
1. Fred
It's FOUR YEARS since the US passed their "You CAN spam" 'law'. Spam levels have constantly increased ever since then, without so much as a hiccup. They are now about 5 times higher than they were at the end of 2003 (according to Spam Cop's graphs). Wouldn't it be nice if the American authorites actually enforced that 'law' in a serious way? Or if the FBI's "Operation Bot Roast" actually put some of the bot-herders behind bars where they belong? Obviously it's not going to happen. American spammers rule the internet.
2. Richard A
That voice insn't synthesised or "synthetic" but an electronically distorted human female voice, surely!
She's not a trained actor or presenter, judging by her delivery, but she sounds more English than American. So where is she from?
To be honest, she sounds quite like my Romanian friend who has perfect UK English diction except for a few give-away vowels (such as e so that "ready" sounds like "raedy").
Any advances?