GFI Software, a leading developer of network security, content security and messaging software, today announced it is tracking a new method through which spammers send messages with MP3 attachments that contain the latest pump-and-dump stock scams.
The spam is a short, 30-second MP3 file recorded at low bit-rate with a synthetic female voice promoting a particular stock; the voice heavily distorted to avoid signature-based anti-spam approaches to listen to an edited sample of MP3 spam).
Spammers are taking advantage of the fact that the MP3 format is one of the most common in use today and that most anti-spam solutions do not handle attachments very well because they do not actually analyze the attachment content.
“MP3 spam is a natural progression from PDF and Excel spam whereby spammers are exploiting a new file format to be able to send spam. This is their latest attempt to evade anti-spam filters. There is also a social engineering aspect to this tactic because people frequently share MP3 files,” David Vella, director of product management, said.
To address the MP3 spam threat administrators need to deploy as many anti-spam techniques as possible, including Bayesian filtering, while at the same time maintaining a very low level of false positives. Additionally, administrators can block attachments or place restrictions on allowable sizes to weed out unwanted material.
GFI MailEssentials includes a second generation Bayesian filtering engine. This goes beyond the simple analysis of text but also examines the form and attributes of attachments. The benefit of spam detection via Bayesian filtering is that the technology automatically tunes itself to each customer-specific email profile, rather than relying on one ‘rule set’ for all customers like other rules-based anti-spam products do. With this second generation Bayesian filtering technology, GFI is at the forefront of anti-spam technology thus allowing the company to effectively deal with the constantly evolving spam techniques.
Users of GFI MailSecurity can also use the content filtering feature to block spam that is downloaded to the email client based on attachment file type or size.