Cyber crooks and spammers are always on the lookout for ways to reach and victimize the largest amount of individuals possible. And sometimes even Internet giants such as Google and Yahoo make mistakes that allow them to do that.
Spurred by the great amount of spam recently received from Picasa Web Albums and Yahoo! Groups, Sophos’ Chester Wisniewski find out how spammers are able to abuse those services and why – despite the spammy subject lines – these emails are not blocked by anti-spam filters.
The second question was easier to answer: reputation filtering. These services and the companies behind them obviously have a good reputation when it comes to avoiding being misused for spamming. Whether this reputation is deserved or will stand the test of time is another matter.
So back to the first question: how do spammers take advantage of Picasa Web Albums and Yahoo! Groups to do their dirty work?
In both cases, the effort a spammer must put in is almost laughable. With Picasa, he must simply create an account with the service, upload a photo and share it with as many users (email addresses) as possible.
And with Yahoo! Groups, all he has to do is to create a group and add users to it. “Yahoo! Groups seems to have a mechanism built for the convenience of spammers, the ability to add anyone to a group without their permission,” points out Wisniewski. “Every time the spammer wants to reach you he can now depend on Yahoo! to send his message, digitally sign it with DKIM, have valid SPF records and successfully evade reputation-based spam filters.”
Hopefully, now that he has brought the issue to light, the two companies will take notice and think about some changes.