Why .pdf spam went pffft

It’s no secret that spammers have informal communications channels and freely share tricks of the trade on the Internet. But what happened in August is enough to make you suspect they have an organized trade union – or even a government – that allows what would otherwise be a scattered collection of freelance vermin to operate in surprising unison.

We're talking about the meteoric rise and fall of .pdf spam, which was reported by Network World and others just before the holiday.

According to a monthly report from Symantec, .pdf spam was accounting for 20 percent of all junk e-mail in early August but by month's end had dissipated to less than 1 percent. Other spam watchers reported similar plummets.

Maybe there's some kind of SpamWorld newsletter that provides monthly marching orders and the word went forth on .pdf to cut it the heck out. Unlikely, yes.

So I asked Symantec's public relations department to ask one of the company's experts to explain what might account for such a sudden abandonment of what had become a suddenly popular tactic. Here's what I got back from Doug Bowers, Symantec's senior director of anti-abuse engineering:

The why boils down to a few key points:

Spammers are motivated by money.  PDF spam burst onto the scene in Mid-June because spammers thought they could use it to get their message through (primarily stock pump-and-dump scams) and make a buck.

It's dropped off quickly for one of two reasons: 1) Spammers are recalibrating their attacks and will relaunch after making adjustments; 2)  spammers have be become convinced that antispam systems are blocking this type of attack effectively enough that their time is better spent on alternative approaches.  This could be cooking up a new

type of attachment-based spam -- using MS Word, Flash video, etc -- or coming up with a new approach entirely.

My expectation is that we haven't seen the last of this type of attack just yet.  With image spam we've seen a gradual decline over the last few months too.  The quick burst and retreat of .pdf spam tells me there could potentially be another wave in the works.

Makes sense. But I still like my newsletter theory.

Welcome regulars and passersby. Here are a few more recent Buzzblog items. And, if you'd like to receive Buzzblog via e-mail newsletter, here's where to sign up.

Vinnie the IT pro vs. Verizon customer service.

Why phone-record thieves laugh at the law.

Santa's unimaginable data disaster to mean empty stockings on Christmas.

Gates on education: Knowledge is good.

Average Joe asks Bill Gates a priceless question.

BSA, software giants target little guys most often.

Can the geek press handle a Microsoft sex scandal?

Hacking for better grades gets 4 preppies bounced from elite school in Mass.

This year's "25 Geekiest 25th Anniversaries."

When the patient is a Googler and the doctor is a pompous jerk.

Cell phone jamming on the rise.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:
Now read: Getting grounded in IoT