Business IT - Technology for your business

No. 1 Story

CIO confidence; a dead cat bounce?

At a time when banks are shedding IT roles by the dozen, it seems counter-intuitive that 83 per cent of the nation’s chief information officers should report they are confident about the future of their business to the extent that 45 per cent expect to hire IT staff in the first six months of the year. The question remains – is this a dead cat bounce?

 read more
StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

More From

Google Sites sending spam as CAPTCHA gets pwned

Davey Winder
Tuesday, 05 August 2008 18:47

Business IT - Security

Page 1 of 2
According to the latest MessageLabs Intelligence Report, the Google Sites CAPTCHA spambot defences have been compromised by spammers...

The MessageLabs Intelligence Report for July 2008 reveals that spammers are looking towards Google Sites to spread their wares. This follows on from previous spam attacks directed at Google Docs, Google Pages and Google Calendar.

Microsoft Office 365 Get your free Trial
Researchers look at it as being just the latest in a continuing trend that targets Google's hosted applications in order to exploit the brand trust to distribute spam and malware. There are two reasons why Google Sites has been targeted, they say:

Firstly, it allows the novice to create a web page that comprises entirely of a string of random letters and numbers with relative ease. This results in a URL that is far more difficult to block than most when using bog-standard signature-based anti-spam tools.

Secondly, and a lot more worryingly so, is the indication that the 'Completely Automated Public Turing Test to Tell Computers and Humans Apart' or CAPTCHA entry validation system has been pwned.

"Google Sites is yet another way that spammers have programmatically defeated CAPTCHA mechanisms" Mark Sunner, Chief Security Analyst at MessageLabs insists "While Google Sites spam accounts for only 1 percent of all spam currently, we anticipate that this technique's popularity will rival that of its predecessors, Google Docs, Calendar and Pages spam. If this is the case, then we may see spam levels increase in the months ahead." 

Not the best of news, it has to be said. But then neither is the fact that the number of new malicious websites blocked each and every day in July increased by a whopping 91 percent from 2,076 compared to June. This takes the daily total up to a rather depressing average of 3,968 new sites.

So what is to blame? Other than the obvious dirty scumbag spammers answer, is the equally obvious SQL injection attacks one. "An emerging theme for threats this month seems to be new variations on old attack methods" Sunner told us.

Want to know which country is the most spammed in the world? Find out on page 2...

CONTINUES


Start 1 2 Next 

Sponsored Announcements

SBDC Releases Native IPv6 for all it Broadband Users

Michelle Thomas | Smelly Black Dog Internet is proud to announce that the company has signed up for Simtronic Technologies new wholesale broadband service as an…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases