According to online message management company Postini, the amount of unsolicited e-mail spam has risen by 73% in the past three months.  These figures really don’t surprise me at all!

As many of you are well aware we also own a small Web hosting business, upon which many of our customers entrust their e-mail services.  All accounts come equipped with the ever reliable MailScanner software, which up until recent times has done a remarkably good job at filtering out most of the unsolicited e-mail.  This has changed over the past few months, where we have seen a steady increase in the amount of complaints from customers about the amount of spam that they are receiving into their inbox.

So what has changed these past few months?

There are many online experts who believe that the level of spam has not increased so much as the sophistication.  In a recent article, Brian Livingston states research from London-based analyst Richie Jennings that mentions that “naive commentators wrongly issued him that a doubling of spam in the inbox equals a doubling of spam on the Internet.”

His research indicates that spam has increased up to 20% in the past three months.  However the real interesting aspect is that they have seen a 100% increase in the amount of spam that is being delivered to people’s inboxes.

He also mentions that this increase in delivery is due in part to the spam messages ability to use images to convey content rather than traditional text e-mail based messages.  These image-based e-mails are proving to be very successful in their ability to bypass traditional spam filters such as MailScanner.

Just who is sending this spam?

A lot of the problem has also been attributed to a group of Russian hackers that are using a Trojan named “SpamThru” which is reported to have hijacked over 70,000 computers. This particular botnet is showing a new level of sophistication and is theoretically capable of sending a billion spam e-mails per day.

Security analyst for SecureWorks John Stewart found that SpamThru was a complex operation with a data base hacking component that signalled the ability of the spammers to target their “pump and dump” scams with victims associated with financial institutions.  According to Stewart, about 20 small investment and financial news sites have been breached with the express purpose of obtaining user information to target with their “penny stock scams”.

“They’re breaking into sites that are somewhat related to the stock market and stealing e-mail addresses from those databases. The thinking is, if they get an e-mail address for someone reading stock market and investment news, that’s a perfect target for these penny stock scams,” Stewart said in an interview with eWeek.

Can anything be done to stop this?

From a technical point of view, I’m sure that there are many companies working on solutions to these type of issues, but the real problem lies in that the antispam/antivirus/antispyware/antimalware vendors are always one step behind the spammers and hackers and are forever playing catch up.

There are those that also believe that the ISPs also shoulder part of the blame in that they should be blocking all unauthorised traffic on port 25 which is used by computers to send e-mail.  David Hart believes that any port 25 traffic not destined for an ISPs own mail server and accompanied with an authorised username and password should be rejected.

A lot of blame should also be dumped upon most Gulf overnments around the world that have very weak spam laws and should be looking to shut down and deter spammers with extremely harsh penalties.

From an Internet user perspective the best thing that anyone can do is not purchase any of the crap that these guys are trying to sell.  If we don’t buy anything surely they won’t have any money to fund their projects and pony for the bandwidth they use.

One of the many joys of using the Internet is the convenience of Internet banking. No longer do we need to be subjected to the mundane task of going to the bank, it can all be achieved from the convenience of our own homes or office. Internet banking has been a godsend to our business with a majority of our customers happy to use a direct deposit transfer as a preferred method of payment.

Unfortunately many are still apprehensive about using Internet banking due to the amount of horror stories that are associated with un-authorised access to accounts. It is no surprise that people are apprehensive when you read about organised crime rings devoting more time to online fraudulent activities in their traditional criminal activities. This is unfortunate as they are really missing out on what is one of the most convenient tools available. Up until now I believe the banks haven’t really done much to install trust in using their systems safely and more importantly securely.

I was pleasantly surprised when logging into my Suncorp account to see that they had introduced a new feature aimed at promoting a new level of Internet banking security. Suncorp have decided to introduce what they call their Internet Banking Security Token system, whereby they have introduced an extra layer of security to help protect your account details.

The security token system information on their site is pretty poor, but what I can take out of it is that you are supplied with a small electronic device which generates a six digit code every 60 seconds. When conducting any type of Internet banking transaction you will need to enter the generated six digit code, along with your current customer ID and password.

All in all this is a nice feature (even if the security token does cost $20), it’s just a shame that we are forced to take these extra steps.