CAPTCHAs (completely automated public Turing tests to tell computers and humans apart) are common these days. In case you aren’t familiar with the terminology, they are those images with obscured letters that you need to transcribe into a text box whenever you sign up for a new Web mail or forum account, for example. They may be annoying, and sometimes a bit difficult to puzzle through, but they have likely saved the world from a lot of spam.
When they were introduced, their goal was to make it impossible for automated processes to create email or forum accounts, making it difficult for spammers to use these free Web mail accounts to post or send spam. However, that was almost ten years ago, and the times seem to be changing.
This year, the CAPTCHA algorithms of three major Web mail services were cracked (see references below). Also,...
As April came to a close, NDR (non-delivery report) spam diminished. In the April State of Spam Report, Symantec reported that NDR spam was 3.7% of all spam observed. Spammers appeared to be playing with the viability of this technique. At this time the numbers of this spam type are down to less than 2%. Symantec has been tracking this spam type over the past couple of months and has provided a graph in the May State of Spam Report that shows the changing volume levels.
However, the loss of momentum with NDR spam does not mean that spammers were resting. This was evidenced by the emergence of "calendar invite" spam in April. The samples observed were "419" or "Nigerian" spam sent with a meeting or calendar invitation attached. While the volume of this emerging spam was low, it does still illustrate the lengths that spammers are willing to go to spread their messages.
"Spear phishing" attacks are also discussed in the latest State of Spam Report...
