In association with heise online

21 June 2007, 13:00

After image spam comes PDF spam

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

"But he, Siddharta, created. And he lay down in the grass and cried bitterly." What starts off like a quote from Hermann Hesse turns out to be the next generation of spam e-mails. And they are flooding inboxes. To get past spam filters, the actual text within the body of the spam e-mail contains nonsensical phrases that spam filters do not detect as junk mail. But if you look at the attachment, you'll see what the purpose of the e-mail is: a PDF file advertising shares of Talktech. Now that a PDF reader is installed on just about every PC, few will have trouble opening the document. And spam filters do not currently examine PDFs.

typical PDF spam promoting low-price stocks
Zoom Supposed stock tips could tempt private investors: this is stock spam

The goal of those behind this spam is clear: the spammers purchase shares at a low price and then try to drive the price up so that they can sell at a quick profit. The companies whose stock is being promoted in this way generally do not have anything to do with such attempts at manipulation, but by the start of 2006, studies were showing that spam about company shares can actually affect share prices.

Now, spammers have added PDF spam to the image spam they came up with at the end of 2006 to get by filters. Spam filters have a hard time controlling image spam, which contains constantly changing GIFs. However, the PDF documents attached to this new wave of spam are all the same except for the file names. The identical checksum can be used to detect and filter out such attachments. As a result, we can expect to have spammers generating PDFs dynamically sometime soon.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit