There’s been some talk about the latest incarnation of spam that perverts legitimate sites for the purpose of commercial spam, a subject we have been discussing for a while on this blog, starting back in January. A few interesting articles on Google Docs spam came out this week based on some outreach by MessageLabs. (InternetNews, SearchSecurity, and others).
Is this new type of spam unexpected? No. It was blogged about as early as Jan. 2007 (no, that’s not a typo in the year). Was it a false alarm in 2007? Not sure, but if there was google docs spam back then, it was such a small outbreak that it was hardly noticed; a year later Commtouch’s Amir Harel looked into it, and still this phenomenon had not surfaced in a major way by Jan. 2008.
So Google Docs spam started in larger quantities in the last few weeks. Just to keep things in perspective, these have been very small outbreaks from what we’ve seen in our detection center, probably a test run, maybe similar to the MP3 spam we saw last year, which had a short-lived burst of popularity and then died out, probably because it was too resource intensive for too low an ROI. If spammers are able to automate the process of creating the Google docs, then we could be in for a bigger onslaught. However as long as Google keeps the process primarily manual, then it can never reach the big time like, for example, image spam.
Interested to see what the Google docs spam looks like? Here is a sample message (note the Baysian poisoning text at the bottom):
And, of course, a sample Google docs page, that such a message may lead to:
So it was pretty clear that this new type of spam message was just begging to happen. Which brings me to the big question – are the spammers reading the anti-spam blogs, looking for new ideas? I wouldn’t be surprised to find out that they are; however, I think the spammers are pretty creative, even without all of the anti-spam industry’s cool ideas, but even so, maybe we should keep our future predictions to ourselves…