Spammers using more Webmail accounts

A blog entry on EWeek by Larry Seltzer highlights how spammers are sidestepping SMTP to continue their malicious activity. According to some reports, an increasing percentage of spam emanates from public Webmail accounts, such as Gmail, Hotmail, and Yahoo, which makes the spam more difficult to detect. The older technique was to spoof legitimate private email addresses to send spam.

The attraction to spammers here is that using the public webmail systems, once they break the CAPTCHA system (which is easier than you might think), they gain the positive reputation of these systems. Reputation-based anti-spam security analyzes the reputation of the email sender’s domain. In the case of these large webmail systems, the reputation is considered good, and so spammers using them can piggyback on that positive reputation.

There is apparently a large market for phony Webmail accounts, and breaking the CAPTCHA test has become much easier–making it possible to generate huge numbers of webmail accounts that can be used for spamming. The solution of course, lies in using a combination of anti-spam techniques that include content analysis and reputation-based prevention. On the part of the public webmail providers, there is a great need to come up with something superior to the CAPTCHA system that is more difficult to break.

The question is, if nearly a quarter of spam is coming from webmail, as is reported, what are Google, Yahoo, and Microsoft doing about it? Apparently, not nearly enough; these three giants need to devote some more resources to developing ways to detect abusive email addresses and spambot accounts.