No. 1 Story
Technology reinforces generation gap
If you believe that technology could be bridging the generation gap, think again. According to Deloitte’s first State of the Media report it’s as stark as ever.
read moreRelated Articles
Google, Sites, sending, spam, CAPTCHA, gets, pwnedAnti-spam campaign Project Honey Pot has filed a law suit seeking more than $US1...
The US relayed considerably more spam than other nations, with just under a fifth...
Phishers wanting access to confidential usernames and passwords only needed to visit Google’s anti-phishing...
Despite tough anti-spam measures in the US, and recent lawsuits against a MySpace spammer,...
Patch Tuesday has come and gone with Microsoft dutifully patching three flaws, one of...
More From
Google Sites sending spam as CAPTCHA gets pwned
Davey Winder
Tuesday, 05 August 2008 17:47
Page 1 of 2
According to the latest MessageLabs Intelligence Report, the Google Sites CAPTCHA spambot defences have been compromised by spammers... The MessageLabs Intelligence Report for July 2008 reveals that spammers are looking towards Google Sites to spread their wares. This follows on from previous spam attacks directed at Google Docs, Google Pages and Google Calendar.
Firstly, it allows the novice to create a web page that comprises entirely of a string of random letters and numbers with relative ease. This results in a URL that is far more difficult to block than most when using bog-standard signature-based anti-spam tools.
Secondly, and a lot more worryingly so, is the indication that the 'Completely Automated Public Turing Test to Tell Computers and Humans Apart' or CAPTCHA entry validation system has been pwned.
"Google Sites is yet another way that spammers have programmatically defeated CAPTCHA mechanisms" Mark Sunner, Chief Security Analyst at MessageLabs insists "While Google Sites spam accounts for only 1 percent of all spam currently, we anticipate that this technique's popularity will rival that of its predecessors, Google Docs, Calendar and Pages spam. If this is the case, then we may see spam levels increase in the months ahead."
Not the best of news, it has to be said. But then neither is the fact that the number of new malicious websites blocked each and every day in July increased by a whopping 91 percent from 2,076 compared to June. This takes the daily total up to a rather depressing average of 3,968 new sites.
So what is to blame? Other than the obvious dirty scumbag spammers answer, is the equally obvious SQL injection attacks one. "An emerging theme for threats this month seems to be new variations on old attack methods" Sunner told us.
Want to know which country is the most spammed in the world? Find out on page 2...
CONTINUES
You think you have a disaster recovery plan?
Think again. Most businesses only have PART of a DR plan - and this spells business disaster in the event of an IT disaster.
Download The Seven Sins of Disaster Recovery White Paper now and find out how you can prevent this happening to you.
