Vendors disagree on PDF spam volumes

BitDefender researchers have revealed that its detection rates for PDF spam are reducing and attributed the change to the relative ineffectiveness of the method, stating it requires more user interaction than usual e-mail spam.

According to Vlad Valceanu, head of the anti-spam labs at BitDefender, PDF spam will likely cease to represent a significant percentage of the spam flow in the weeks and months to come. “The method peaked about two weeks ago, but the whole wave was relatively short-lived,” he said.

But, according to Paul Ducklin head of technology at Sophos a quick look at statistics suggests that there has, if anything, been a slight increase in PDF spam, measured week-on-week, over the past month.

“PDF spam is not new, we've been seeing PDFs in our spam traps on and off for some time, but its use in large spamming campaigns is new,” said Ducklin.

“I don't think this change can be regarded as statistically significant, or as teaching us anything about the immediate future of spam except that the use of PDF attachments is now a well-known technique throughout the cyber criminal community.”

Moreover, reports published this week by researchers at both IBM's X-Force threat analysis centre and McAfee Avert labs indicated a growing adoption of the technique.

“In any case, whether the proportion of spam using PDFs halves or doubles isn't particularly important, either way you'll want to be rid of it,” added Ducklin.