Hacked emails spread spam faster: study

Spam spreads much faster and to more people when it is being propagated by hacked or otherwise compromised email accounts rather than legitimate accounts, according to new research.

The insight should help those modelling the dynamics of information diffusion as well as those hoping to track and trace spam with a view to slowing or blocking its propagation.

Spam traditionally contained ads for fake or counterfeit products, but currently also contains disruptive rumours and information of a political nature.

Ghita Mezzour and Kathleen Carley of Carnegie Mellon University, Pittsburgh, Pennsylvania, explain that spammers often use hacked accounts to spread spam.

Spam sent from hacked accounts is often given more credence than anonymous spam or spam with an obviously scurrilous or scandalous source.

This is by virtue of the spam coming from someone the recipient may know via the hacked account’s address book.

In some cases, the recipients believe the spam content is correct and forward it to their friends who may, in turn, forward it to their friends, researchers said.

Large numbers of accounts are hacked (or hijacked) through malicious software (malware) or by guessing passwords with the purpose of using them as hosts for sending out vast numbers of spam messages.

However, modelling the spread of this kind of information usually assumes that the source is a human deliberately sharing the information.

The team has found that modelling the behaviour of hacked accounts results in spam diffusion dynamics different from what work on information diffusion has predicted.

“Hacked accounts tend to more aggressively send spam, partly because deliberately, individually propagated spam is done manually, whereas hacked spam is more commonly generated automatically by the malware that has infected the account in the first place,” researchers said.

This aggressive behaviour of hacked accounts causes spam to reach more people faster. The online equivalent of word-of-mouth is powerful when a message is repeatedly and forcibly sent to one’s inbox, they said.

Today’s social networking sites are plagued by malicious accounts that behave aggressively and differently from humans, researchers said.

Understanding and modelling the effect of the behaviour of these accounts is important to reducing spam and attacks on social networking sites.

Emailhackingspam
Comments (0)
Add Comment