MP3 spam

October 19th, 2007

Over the past few years I've seen all kinds of spam - ASCII art spam, image spam, animated GIF spam, PDF spam and Excel spam to name but a few, but this new wave of spam is odd indeed - MP3 spam.

GFI Software, a leading developer of network security, content security and messaging software, today announced it is tracking a new method through which spammers send messages with MP3 attachments that contain the latest pump-and-dump stock scams.

The spam is a short, 30-second MP3 file recorded at low bit-rate with a synthetic female voice promoting a particular stock; the voice heavily distorted to avoid signature-based anti-spam approaches (click here to listen to an edited sample of MP3 spam).

Spammers are taking advantage of the fact that the MP3 format is one of the most common in use today and that most anti-spam solutions do not handle attachments very well because they do not actually analyze the attachment content.

I really don't see this working on anyone.  The voice it way too distorted and audio is nowhere near as convenient as a link.  This trick might mean that emails get past filters and into inboxes, but I still think that it'll fall on deaf ears. 

This entry was posted on Friday, October 19th, 2007 at 18:54 and is filed under Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.