Microsoft Excel is the newest packaging spammers have created for their stock pump-and-dump scams, Commtouch Software has reported, based on the Company's analysis of billions of e-mail messages globally.
First identified and blocked by Commtouch on Saturday, July 21, at 1:20 pm GMT, the Excel spam promotes stocks in file attachments with names like "stock information-3572.xls," "invoice20202.xls," and "requested report.xls."
"Excel is a natural progression after the recent spate of PDF spam, which itself is a natural development from basic image spam," said Amir Lev, Commtouch's chief technology officer. "We expect other file formats to follow suit; think of the spam potential in PowerPoint files, or Word documents."
Spammers may assume that by wrapping the same message in a new format, they will bypass most anti-spam engines that try to analyze the content of mail messages. However technologies that rely on identifying patterns in mass e-mails, such as Commtouch's Recurrent Pattern Detection technology, block these types of messages automatically, regardless of the content or format, according to the Commtouch news release.
Like other types of spam messages, the Excel spam is being sent from zombie computers or "bots," typically home PCs that have previously been infected by Trojan malware. Spammers control massive numbers of these bots in vast "botnets" that they rally together to launch global spam and malware outbreaks.
Malware writers have used Excel in the past as a carrier for viruses, for example in a series of attacks during June and July 2006 that exploited vulnerabilities in Microsoft software, including Excel, Microsoft Word, and PowerPoint.