News Stay informed about the latest enterprise technology news and product updates.

Spam botnets get smarter, target victims using personal data revealed on social networking sites

Security experts warn that spammers are harvesting personal information from public sites and using it to make phishing attacks more targeted and effective.

Junk email messages now outnumber real email by almost 10 to 1, but it's not the incredible volume of spam that has security experts concerned -- it's the increasing sophistication of the botnets that send spam, their ability to bypass corporate security nets and the increasing level of social engineering involved in attacks.

Less than 1% of all spam contains some kind of malicious payload, according to MessageLabs. But phishing attempts -- which are designed to trick recipients into revealing financial data on fake Web sites, among other exploits -- make up more than two-thirds of all malicious messages.

Spammers are using social networking sites such as MySpace to harvest the names and addresses of victims, as well as other identifying data such as zip code and street address. That information can make a fake message from a bank, for example, look more real and increase the likelihood that a recipient will fall for the scam.

That level of specificity increases the risk because people are more likely to trust (and fall for) emails that not only appear to have come from their own bank, but also include some level of accurate personal information, according to security experts.

Smishing -- attacks using SMS -- are also becoming more common as consumers increase their dependence on cell phones, VoIP phones and other non-computer IT devices.

The original version of this story appeared on TechTarget's

Dig Deeper on Managed network security services

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.