Smarter Spam Could Mimic Friends' Mail - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

Smarter Spam Could Mimic Friends' Mail

The next generation of spam-sending zombies would scan E-mail in the user's inbox, mine it for information and writing patterns, then crank out realistic-looking replies to real messages, researchers warn.

The next generation of spam and phishing e-mails could fool both software filters and the most cautious people, Canadian researchers said Sunday, by mimicking the way friends and real companies write messages.

John Aycock, an assistant professor of computer science at the University of Calgary, and his student, Nathan Friess, presented a paper Sunday at a security conference in Hamburg, Germany that outlined how junk mailers and phishers, even spyware criminals, could create slicker spam.

Rather than rely on mass quantities of spam, much of it now written in gibberish to slip past anti-spam filters, tomorrow's criminals could plant malicious programs on compromised computers, the spam "zombies" that account for a large portion of spam sent. Those programs, Aycock and Friess argued, would scan the e-mail in the zombie's inbox, mine it for information and writing patterns, then crank out realistic-looking replies to real messages.

The two Canadians created software that mined the data in a pair of e-mail message pools to find statistically-significant patterns of abbreviation, capitalization, and signatures. A second program then used the discovered patterns to automatically transform a standard, one-line spam into a more convincing and individualized reply.

"All the pieces are in place right now" for spammers to take advantage of such tactics, Aycock said in a statement. "What we’re talking about is very simple data mining. At some point, the other shoe has to drop."

By mimicking real messages from real people, Aycock said spammers and phishers would be able to convince more people to click on an embedded URL or open an attachment that could plant spyware on PCs.

A pre-conference PDF version of the paper can be downloaded from the University of Calgary's site.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll