Spammers Use Non Delivery Reports To Reach Inboxes

Figures released by security company PandaLabs show that cybercriminals are beefing up spamming attacks using emails tailored to resemble the legitimate automated non-delivery report (NDR) messages.

The cloud security company found a massive 2,000 percent hike in the count of malware infested NDR messages in the last month, compared to the number of NDR spam messages sent in the first half of the year.

As many as 20 percent of all global spam messages detected by PandaLabs have been using this technique to trick email users, making it a prominent form of spam presently in use.

Luis Corrons, PandaLabs’ technical director, said in a statement: "There is presently no consensus on whether NDRs are a technique used to evade anti-spam filters, or a collateral effect of dictionary attacks. Either way, this technique is now among the most widely used".

As majority of NDR messages are legitimate and form a significant part of mail server functionality, several traditional anti-spam methods simply failed to detect and block these messages until now, Corrons added.

Spammers usually attach their malicious payload as an attachment to the bogus non-delivery notice, usually sent through botnets, to infest victim’s computer with malware content and even seize its admin rights remotely.