October 03, 2008, 9:56 AM — Spammers are again attacking Microsoft’s CAPTCHA system and so far have a 10-15% success rate. They’re using automated bots to defeat the system, which was revised and revamped after it was attacked successfully earlier this year. Experts have found that the process involves three stages. First, instructions are sent from a host machine to one on its botnet. The infected machine then begins to attempt to crack the CAPTCHA system, and then the bot uses the successfully created Live Hotmail accounts to send large amounts of spam.
Services like Live Hotmail and GMail have become favored targets for spammers and phishers because of the DomainKeys and DomainKeys Identified Mail email authentication they use, which lets a sender’s reputation determine email delivery. The more reputable the sender, the less likely mail from them will end up in a spam filter or on a blacklist. The messages and senders are authenticated with a digital signature created with the sender’s private key. The server receiving the message verifies the signature with the public key obtained through the DNS of the sender’s domain (hence the name DomainKeys) to confirm that it matches the email message. Once the message and sender are determined to be authentic, the sender’s reputation is used to decide the delivery status. Senders with bad reputations, or messages with missing or fake signatures, stand a very strong chance of being rejected, while those from reputable senders with good signatures are usually delivered. While most ISPs haven’t adopted this technology yet, many web-based email providers and services have, including Yahoo, GMail, eBay, and PayPal.
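As an added illustration of the sign-then-verify-then-reputation flow described above (not code from the original article), this Python sketch uses a deliberately tiny, insecure toy RSA key, a simulated DNS table of selector._domainkey.domain records, and a constructed reputation table to show why a missing or forged signature, or a validly signed message from a badly reputed domain, is rejected while a valid signature from a reputable sender is delivered. All key values, domains, selectors and reputation entries are constructed assumptions.

```python
import hashlib

# Constructed toy RSA key pair (tiny primes, illustration only, not secure):
# p = 61, q = 53, n = 3233, phi = 3120, e = 17, d = 2753 (17 * 2753 = 1 mod 3120).
SIGNER_PRIVATE = {"n": 3233, "d": 2753}

# Simulated DNS TXT records: each sending domain publishes its public key at
# <selector>._domainkey.<domain>. Both constructed domains share the toy key.
DNS_TXT = {
    "s1._domainkey.example.com": {"v": "DKIM1", "n": 3233, "e": 17},
    "s1._domainkey.bulk.example.net": {"v": "DKIM1", "n": 3233, "e": 17},
}

# Constructed reputation table consulted only after the signature checks out.
REPUTATION = {"example.com": "good", "bulk.example.net": "bad"}


def message_digest(headers, body):
    """Hash the signed header fields and body (simplified canonicalisation)."""
    data = "\n".join(f"{k}:{v}" for k, v in sorted(headers.items())) + "\n\n" + body
    return list(hashlib.sha256(data.encode()).digest())


def sign_message(headers, body, domain, selector, key):
    """Sender side: sign each digest byte with the private exponent (toy RSA)."""
    sig = [pow(b, key["d"], key["n"]) for b in message_digest(headers, body)]
    return {"d": domain, "s": selector, "sig": sig}


def verify_signature(headers, body, dkim):
    """Receiver side: look up the public key in DNS and check the signature."""
    if dkim is None:
        return False  # no signature header at all
    record = DNS_TXT.get(f"{dkim['s']}._domainkey.{dkim['d']}")
    if record is None:
        return False  # unknown selector/domain: nothing to verify against
    recovered = [pow(s, record["e"], record["n"]) for s in dkim["sig"]]
    return recovered == message_digest(headers, body)


def delivery_decision(headers, body, dkim):
    """Reject unauthenticated mail; otherwise let sender reputation decide."""
    if not verify_signature(headers, body, dkim):
        return "reject"  # missing, forged, or tampered-with signature
    reputation = REPUTATION.get(dkim["d"], "unknown")
    if reputation == "good":
        return "inbox"
    if reputation == "bad":
        return "reject"
    return "spam-folder"  # authenticated but unknown sender: deliver cautiously
```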