Spammers adapt to filtering technologies by staying below radar

Cisco says the amount of snowshoe spam has doubled since 2013

spam

Anti-Spam technologies, for the most part, catch a majority of the spam that hits your inbox, or at the least it flags it as potentially unwanted. However, each day, spam of some kind – including junk messages that are sometimes overtly malicious, will bypass these filters.

It's a process called snowshoe, and according to Cisco, its highly distributed nature enables this process to evade per-IP and per-domain reputation metrics. The method is gaining in popularity, as Cisco notes that snowshoe spamming has doubled in volume since 2013.

"Snowshoes are footwear that allows a person to walk over deep snow by distributing their weight over a larger surface area, thus preventing the wearer’s foot from sinking. But what do snowshoes have to do with unsolicited bulk email?" asks Cisco's Jaeson Schultz in a recent blog on the topic.

"In the email world 'snowshoe' spam is unsolicited bulk email that is sent using a large number of IP addresses, and at a low message volume per IP address. By virtue of its highly distributed nature, snowshoe spam is designed to evade per-IP and per-domain reputation metrics."

Usually, the type of spam that bypasses the filters is the type that's more annoying than harmful - an offer for discounted goods, enhancement products, stock offers, or local singles that would like to meet.

But, in addition to that, there's also the Phishing attempts or messages with malicious attachments to contend with, which can lead to problems.

In both cases, simplistic methods such as snowshoe mean that awareness training regarding messages offer a solid line of defense if keyword and reputation filters fail.

However, the upside is that most of the messages that are using this method really are junk - offering products and services that most people wouldn't pay attention to anyway.

Last month, email security vendor AppRiver, said that during Q1 2014, they observed nearly 11 billion spam messages, as well as an additional 490 million messages that contained a malicious attachment.

The company reported that the United States was the leading country of origin for spam during the quarter, and Europe logged the second-highest total with Spain, Germany and Italy making up the top three countries.

Additionally, January was a record-breaking month for malware traffic since 2008, with one in every 10 pieces of email being malicious.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.