14 August 2009 | Category: Software
Last month, spammers hit a new high (or did they sink to a new low?) by using non-delivery reports (NDRs) to deliver twenty percent of all worldwide spam.
NDR spam is particularly insidious because of how it enters a users system: it appears as a harmless email letting you know that the email you tried to send was not delivered (in the case of false NDRs, both email and bounced address are fakes), then tricks you into clicking on an embedded link or opening an attached file.
Users can protect themselves from these attacks by being extra careful about the emails they open, and being suspicious about emails that are replies, forwards, or NDRs to emails they never sent from their account.
For hackers to start using this technique more frequently indicates that it must be working, and likely with a higher rate of success than other tactics. These emails seriously threaten computer security.
Because bouncing spam is a relatively new development, and its use has suddenly increased (over two thousand percent compared to monthly averages six months ago, according to security firm PandaLabs), there are still not effective ways of blocking it. Normal spam filters may not remove this kind of email from your inbox, so keep a look-out for NDR notices about emails you don't remember having sent.