Viruses Cause Spam Overload
Jennifer Koch

Internet email clients are in the middle of a spam storm. And not the good kind. Last Friday, MessageLabs - a popular U.K.-based email security software company - released information on their site linking a pair of busy Trojan viruses for last month's inundation of spam messages. Analysts with MessageLabs say the Trojans - known as "Warezov" and "SpamThru," have perfected a system that's hard to beat, turning infected computers into "zombies" that can pump out massive amounts of junk mail and infect more computers in turn. Both Trojans have also been developed with a means to avoid detection from anti-virus software and spread junk mail as quickly as possible - according to MessageLabs, Warezov mutates tiny portions of code during the download process, thus creating a different signature that the anti-virus program does not recognize. As quickly as companies create a signature to recognize and capture one variant of the virus, new and different variants have already been created and can pass right through.

"If anti-virus companies take five to six hours to create a signature," said MessageLabs researchers, "the Trojan extends that time even further with these new versions."

In addition, the SpamThru Trojan uses what the researchers refer to as a "spam cannon" method, using templates similar to those used in mail merge to change the content of the spam. This is what gives SpamThru the ability to send out millions of messages and stay off ISP blacklists, thus causing the latest river of spam.

Spam production has increased drastically within a month - though in September spam accounted for a whopping 64.4% of all electronic mail, in October the portion jumped to 72.9%. MessageLabs blames the majority of the rise on these two Trojan downloaders, and warns that we're not quite out of the woods yet.

The best way to avoid infecting your computer is to use care when opening all emails containing attachments. Don't open attachments from people you don't know if you can avoid the possibility. If you see a link within an email, copy and paste the link into your browser, don't click it directly from the message. More often than not, spam messages often contain misleading links, and the address you are visiting is not the address you see on the message itself. By clicking it, you may unintentionally download malware, or you may be directed to a page prompting you to reveal personal information, social security numbers, account passwords, and other critical private data.

In addition, make sure that you keep your virus and spyware protection as up-to-date as possible. Drake Hardware & Software consultants can help you purchase updates for your existing anti-virus software, or help you decide on the right program to fit your machine and Internet activity.

See the original article, posted at CRN.com