Google updates its anti-spam engine to block recent JavaScript attacks

Google has updated its Postini anti-spam engine following the recent surge in emails containing obfuscated JavaScript attacks.

These emails are a hybrid between virus and spam messages, and are designed to look like legitimate, Non Delivery Report messages.

“In some cases, the message may have forwarded the user’s browser to a pharma site or tried to download something unexpected, which is more virus-like. Since the messages contained classic JavaScript which generates code, the messages could change themselves and take multiple forms, making them challenging to identify,” it says in a post on the official Google blog.

“Fortunately, our spam traps were receiving these messages early, providing our engineers with advanced warning which allowed us to write manual filters and escalate to our anti-virus partners quickly.”

The Postini engine processes more than 3 billion email messages per day, and it has registered an upsurge in the volume of spam (16% more compared to Q1 2010), and a lesser increase (3%) in virus traffic. Although, it is worth to notice that – compared to the numbers of Q2 2009, virus traffic has increased for a whooping 260%!

Among other relevant threats, Google mentions the false social networking messages, those tied to major news stories, false shipping emails and the “friend in need” phishing messages.




Share this