A Q&A with Websense Email Security Experts

Spam can choke your inbox and carry with it all sorts of nefarious attachments that may deliver spyware, viruses, and malware, as well as outright phishing scams.

Websense email security experts Ross Paul and David Saunders give some insights on the current email security landscape.

Q&A with Ross Paul and David Saunders
Q: It's been said that more than 95 percent of all email sent in 2007 was spam. In your opinion, what has caused this jump in useless email?
A: Ross Paul: Spam continues to be on the rise as unethical marketers and cybercriminals alike have recognized it as the cheapest method by which to reach the largest number of potential targets, whether the motive is malicious or merely unsolicited marketing messages. While response rates for spam are very low, the small costs involved in reaching huge numbers of targets make it much more cost-effective than traditional methods of advertising. For cybercriminals, it is a global medium, which makes it very difficult to track and enforce the illegal distribution of malicious software, usually designed for the purposes of stealing valuable personal or corporate information. As worldwide Internet use increases, the cost/benefits equation for spam continues to improve in favor of the spammer, while costing the receiver in bandwidth, storage capacity, and wasted time.
Q: Are spammers using new techniques? How are they sending out this volume of spam?
A: David Saunders: Increases in global broadband usage, line speeds, and PC performance mean that spammers can now send higher volumes at lower costs. The rapid growth of bot-infected machines, a favored method of delivery for spammers, has also benefited from these factors. Spammers are also sending different messages, making it more difficult to detect spam. One of the newer techniques used in 2007 is pump-and-dump schemes, which attempt to build a buzz around specific stocks to encourage their purchase, which results in share price increases that are capitalized on by the culprits. This method has been more difficult to detect due to the lack of an association between the spammer and the products that they're touting, which are typically different publicly traded stocks and don't always have a consistent pattern.

In addition to these factors, the Websense Security Labs 2008 Trend Report forecasts that hackers will increasingly use Web-based spam to post URLs to malicious sites within forums, blogs, in the commentary or "talk-back" sections of news sites, and on compromised Web sites. This not only drives traffic to infected Web sites but also helps to boost the purveyor's site's search engine rankings, increasing the risk that users will visit the site. We've also predicted an increase in "vishing" (voice phishing) and voice spam in 2008. As you can see, spammers are continually branching out and blending their techniques across other forms of Internet communication—not just email—to get their messages to the widest possible audience.
Q: What is the relationship between spammers and "bot herders"? Has a partnership between them caused a rise in traffic?
A: David Saunders: Over the past couple of years, the number of bot-infected PCs has exponentially increased. Bot herders use these compromised PCs to send spam, essentially renting their bot herds to spammers at very low costs which decrease as the size of the herd increases. By making use of large bot herds, spammers can send huge volumes of spam and bypass many existing forms of security by masquerading as "real" email users, making them more difficult to detect and block. The cost of managing a herd of 100,000 bots is the same as the cost of managing a herd of 10,000 bots. This is a win-win situation for both bot herders and spammers, as bot herders can increase the money they make on renting their larger herds at higher prices, while spammers can more effectively reach larger numbers of targets at a lower cost per target.
Q: Other than the annoyance of spam for both IT and end users, what are the network security implications of spam?
A: Ross Paul: The sheer volume of spam and crossover between spam and malware can lead to potential security exposure, as it is becoming more difficult to differentiate email-borne threats from harmless junk email. This means that accurate detection can only be done by classifying not only the content of emails but also the reputations of the senders.
Q: What are some options for corporations in dealing with this immense volume of useless emails?
A: Ross Paul: Putting in place sophisticated email security solutions to identify spam and other malicious email content is essential. Websense believes that one of the most cost-effective ways of doing this is with a hosted service such as the Websense Hosted Email Security (formerly SurfControl MailControl). By using a hosted email security service, companies can block spam and other malicious content before it reaches their corporate network and servers. This significantly reduces bandwidth, processing, storage, and other costs as well as the cost and complexity of managing, maintaining, and tuning in-house security systems to keep up with the rapidly changing techniques that spammers employ to evade detection.

Ross Paul is director of product management for Websense Hosted Security.

David Saunders is Websense manager of global email security research.



© 2008 Websense, Inc. All Rights Reserved.