Spammers Using Google Sites To Bypass Filters
Tomi Häsä
August 5, 2008
"Spammers have added Google Sites to the arsenal of online tools used to get
around junk-email filters, according to a study published on Tuesday by
messaging security firm MessageLabs."
"Spammers had already been making use of Google Docs, Google Page Creator
and Google Calendar as spam-hosting facilities, but Google Sites is a recent
addition, according to the MessageLabs Intelligence Report for July 2008.
Junk emailers are using the tool to automatically create web pages with
names composed of a string of random numbers and letters, resulting in an
address that is more difficult for signature-based anti-spam tools to block,
MessageLabs said."
"The Google Sites abuse indicates that spammers are becoming more advanced
at getting around the Captcha (Completely Automated Public Turing test to
tell Computers and Humans Apart) mechanisms used to defend against the
automated sign-up tools frequently used by junk emailers, said MessageLabs'
chief security analyst, Mark Sunner."
""While Google Sites spam accounts for only one percent of all spam
currently, we anticipate that this technique's popularity will rival that of
its predecessors: Google Docs, Calendar and [Page Creator] spam," Sunner
said in a statement."
http://news.zdnet.co.uk/security/0,1000000189,39457158,00.htm
MessageLabs Intelligence July 2008: Spammers Use Google Sites to Host Spam
August 5, 2008
"MessageLabs, the leading provider of messaging and web security services to
businesses worldwide, today announced the results of its MessageLabs
Intelligence Report for July 2008. Analysis highlights that spammers
continued the trend of abusing Google's hosted applications to host spam.
Previously abused applications include Google Docs, Google Pages and Google
Calendar. Google Sites allows a novice to easily create a web page composed
of a string of random letters and numbers resulting in a URL that is more
difficult to block using traditional signature-based anti-spam tools."
""Google Sites is yet another way that spammers have programmatically
defeated CAPTCHA (Completely Automated Public Turing Test to Tell Computers
and Humans Apart) mechanisms, a validation technique that is designed to
defend against automated sign-up tools frequently used by spammers by
requiring the user to enter a string of letters," said Mark Sunner, Chief
Security Analyst, MessageLabs. "While Google Sites spam accounts for only 1
percent of all spam currently, we anticipate that this technique's
popularity will rival that of its predecessors, Google Docs, Calendar and
Pages spam. If this is the case, then we may see spam levels increase in the
months ahead.""
"Also in July, the number of new malicious websites blocked each day has
increased by 91 percent from 2,076 since June to an average of 3,968 new
sites intercepted daily. This month's rise in web threats, according to
MessageLabs, is due to the number of websites linked to SQL injection
attacks. This latest increase in malicious websites brings the threat to
record high levels."
http://business.itbusinessnet.com/articles/viewarticle.jsp?id=474031
Google Sites sending spam as CAPTCHA gets pwned
August 5, 2008
"According to the latest MessageLabs Intelligence Report, the Google Sites
CAPTCHA spambot defences have been compromised by spammers..."
"The MessageLabs Intelligence Report for July 2008 reveals that spammers are
looking towards Google Sites to spread their wares. This follows on from
previous spam attacks directed at Google Docs, Google Pages and Google
Calendar."
"Researchers look at it as being just the latest in a continuing trend that
targets Google's hosted applications in order to exploit the brand trust to
distribute spam and malware. There are two reasons why Google Sites has been
targeted, they say:"
"Firstly, it allows the novice to create a web page that comprises entirely
of a string of random letters and numbers with relative ease. This results
in a URL that is far more difficult to block than most when using
bog-standard signature-based anti-spam tools."
"Secondly, and a lot more worryingly so, is the indication that the
'Completely Automated Public Turing Test to Tell Computers and Humans Apart'
or CAPTCHA entry validation system has been pwned."
http://www.itwire.com/content/view/19860/53/