Bulk e-mail using attachments in the Portable Document Format (PDF) has begun to decline just a month after it first appeared, and spammers are moving on to Excel files, security firms said this week.
The seemingly short-lived adoption by spammers of PDF attachments began in mid-June, and peaked earlier this month. However, use of the format has started to decline, while an increasing amount of spam e-mail has appeared with Excel attachments. Enterprise security firm BitDefender noted the decrease in PDF spam on July 24 and predicted that the format will cease being a significant vector in the future.
On the same day, security firm McAfee found that Excel documents had started replacing PDF attachments in spam. The company warned that, while the attachments don't currently attempt to compromise systems, future attachments could include Office exploits, similar to the files used to deliver targeted Trojan horses.
"A worrying thing is that people may get complacent about Excel spam if it continues," McAfee security researcher Nick Kelly said in a post on the company's Web log. "Macro-based exploits are currently making a come back. Imagine what might happen if both the spam presentation and an exploit is combined. A person might open the spreadsheet and think that it was a pump and dump spam, in the meantime a payload would have been dropped."
PDF spam replaced the image spam commonly used in pump-and-dump stock schemes. Image spam has declined to about 10 percent of all spam, according to McAfee.
Posted by: Robert Lemos