Microsoft’s CAPTCHA Under Spammers Attack Again
Spammers and malware authors are once again attempting to break Microsoft’s CAPTCHA, and are able to sign up Live Hotmail accounts with a success rate of 10% to 15%, according to an assessment published by Websense. The “DomainKeys” verified server reputation is being abused in order to increase the probability of spam emails reaching the receipts.
Websense have discovered that spammers, in a recent aggressive move, have managed to create automated bots that can sign up for and create random Hotmail accounts, defeating Microsoft’s latest, revised CAPTCHA system. The accounts are then used to send mass-mailings.
Early this year spammers already demonstrated their adaptability by defeating a range of anti-spam services offered by security vendors by carrying out the streamlined anti-CAPTCHA operations on Microsoft’s Live Mail, Google’s Gmail, Microsoft’s Live Hotmail, Google’s Blogger, and Yahoo Mail.
Recognition rate is successful once in every 8 to 10 attempts to sign up for a Live Hotmail account. According to Websense, it is a modest success rate given that the academic community has managed to achieve 92% recognition rate in the past. But with hundreds of thousands of malware infected hosts, it appears that they are willing to allocate resources despite the modest success rate, and are actively spamming through the newly registered bogus email accounts.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.