New Excel Spam Hits the Airwaves, Commtouch Reports

Share Article

Microsoft Excel is the newest packaging spammers have created for their stock pump-and-dump scams, Commtouch (Nasdaq:CTCH) reported today, based on the Company's analysis of billions of email messages globally.

Excel is a natural progression after the recent spate of PDF spam, which itself is a natural development from basic image spam

    First identified and blocked by Commtouch on Saturday, July 21, at 1:20 pm GMT, the Excel spam promotes stocks in file attachments with names like "invoice20202.xls," "stock information-3572.xls," and "requested report.xls."

"Excel is a natural progression after the recent spate of PDF spam, which itself is a natural development from basic image spam," said Amir Lev, Commtouch's chief technology officer. "We expect other file formats to follow suit; think of the spam potential in Powerpoint files, or Word documents."

Spammers may assume that by wrapping the same message in a new format, they will bypass most anti-spam engines that try to analyze the content of mail messages. However technologies that rely on identifying patterns in mass emails, such as Commtouch's Recurrent Pattern Detection technology, block these types of messages automatically, regardless of the content or format.

Like other types of spam messages, the excel spam is being sent from zombie computers or "bots," typically home PCs that have previously been infected by Trojan malware. Spammers control massive numbers of these bots in vast "botnets" that they rally together to launch global spam and malware outbreaks.

Malware writers have used Excel in the past as a carrier for viruses, for example in a series of attacks during June and July 2006 that exploited vulnerabilities in Microsoft software, including Excel, Microsoft Word, and Powerpoint.

Commtouch Recurrent Pattern Detection Technology Defends Inboxes

Commtouch's Recurrent Pattern Detection (RPD) technology protects against spam and virus attacks in real-time as they are mass-distributed over the Internet. The unique content-agnostic technology detects and blocks spam in any language and is highly effective against image-based, PDF and the new Excel spam. Commtouch's Reputation Service offloads unwanted traffic at the network perimeter based on the reputation of email senders, dynamically identifying zombie-generated spam and malware in real-time.

About Commtouch

Commtouch Software Ltd. (Nasdaq:CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- email. Commtouch has over 16 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam, Zero-Hour virus protection and Reputation Service solutions. Using core technologies including RPD(TM) (Recurrent Pattern Detection), the Commtouch Detection Center analyzes billions of email messages per month to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by scores of OEM partners, Commtouch technology protects thousands of organizations, with over 50 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, CA. For more information, see:, including the Commtouch online lab detailing spam statistics and charts.

Recurrent Pattern Detection, RPD and Zero-Hour are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Rebecca Steinberg Herson
Commtouch Software Ltd.
Email >