Spammers turn to web redirection to avoid detection

Spammers turn to web redirection to avoid detection

Spammers send users via legitimate sites in bid to avoid anti-spam technology

Spammers are ramping up their use of redirection techniques to try to get around many anti-spam filters, a security firm warned today.

The latest flurry started about 10am Tuesday morning and by 11am represented an estimated 4.3 per cent of the spam on the internet, according to anti-spam firm

The technique, most commonly found with pharmaceutical spam, sends a user to a web page and the user is then automatically redirected to another web page. This technique is specifically designed to get around databases of destination URLs that many anti-spam technologies rely upon.

"Spammers are constantly looking for solutions to avoid detection by anti-spam technologies so that they can reach more eyeballs. We have seen a substantial increase in spam messages being sent where the hyperlinks contained in the messages are actually links to legitimate sites that are then redirected to the spammer sites," said Ben Westbrook, CTO of Mail-Filters.

"Because the hyperlink appears to be to a legitimate site, most anti-spam technologies will determine it is a legitimate message or create false-positives by misidentifying legitimate email messages that contain links to these same sites,” he added.

"This latest technique is coming in a flurry of messages that sometimes have breaks in the sending – implying the spammer is evaluating techniques to see what message receives the highest response rate."

A byproduct of this new spammer technique is that legitimate websites are seeing increased traffic during the redirect process. This increased traffic could create significant load problems for some sites. In addition, unassuming websites that are being targeted by the spammers find themselves in the embarrassing situation of being associated with spammers.