Listen up: MP3 spam on the rise, despite being utterly stupid

As anti-spam tools and e-mail users become more sophisticated, spammers are turning to new mediums to get their unwelcome messages through filters and into inboxes. One of the more recent developments is spam with attached MP3 files. One security software vendor, MXSweep, is reporting that MP3 spam now accounts for between 7 and 10 percent of all spam being sent. 苏州美睫美甲

The files are given innocuous-sounding names like elvis.mp3, oursong.mp3, smashingpumpkins.mp3, or coolringtone.mp3. The payload is disappointing: a voice recording touting the virtues of some corporate stock; in other words, it's pump-and-dump stock spam in a new format. It's also a dumb idea. The overlap of those gullible enough to click on MP3 files of unknown provenance and those willing and able to invest in a stock that they've never heard of is certainly minute. It's bound to be more of an annoyance than anything else and seems unlikely to result in the desired stock purchases.

Attachment spam can be easily filtered, but the sheer size of the messages can cause headaches. The MP3 files currently used run from 85KB to 147KB, according to MXSweep. "Although these emails now account for 8 percent of current traffic they consume up to 55 percent of e-mail bandwidth use, which in business terms is a huge additional cost," said Danny Jenkins, CTO and founder of MXSweep.

So far, security researchers haven't identified any malicious payloads in any of the MP3 stock spam messages, so the biggest headache will be configuring spam filters to stop the MP3 message from hitting inboxes. That should be fairly easy for corporate IT departments who aren't already stopping e-mails with audio attachments. If your e-mail client supports rules-based filtering, simply set it to flag and delete messages with MP3 attachments.

The Federal Trade Commission believes legislation such as the CAN-SPAM Act and some high-profile convictions are making a difference, but spammers have responded by moving more of their operations offshore, going deeper underground, and coming up with new means of getting their unwelcome messages into inboxes.

Naturally, once countermeasures against MP3 spam are widely in place, spammers will move on to another payload. That's why we're facing MP3 spam now: anti-spam tools have become adept at dealing with image spam (e.g., GIF and JPEG images attached to a message), PDF spam, and Excel spam. Just a few months ago, PDF spam accounted for nearly 20 percent of all image spam; that number has since plummeted to under 1 percent, according to e-mail security company Proofpoint. Image-based spam has also plummeted to 2.23 percent of all messages as of the end of September.