Following spam images to MP3 spam

Last week the global security community was surprised to witness the appearance of this type of audio spam. Never before appeared but only in about a week this type of spam accounted for 10% of the total amount of spam spread on the Internet.

Instead of text content or image files, the above type of junk is attached to an MP3 audio file that records the entire content to be sent.

It can be said that the explosion of this type of audio spam is a prediction. It is part of a series of tactics invented by spammers through content filtering tools. In the last 6 months or so, there are new forms of spamming appearing. These all use standard file formats such as images or PDF files to avoid the eyes of the filter, this time they convert into MP3 files.

Usually MP3 files named dadsong.MP3, oursong.MP3, weddingsong.MP3, santana.MP3, sayyousayme.MP3, smashingpumpkins.MP3, bbrown.MP3, bspears.MP3, gloriaestefan.MP3, beatles.MP3; answeringmachine.MP3, coolringtone.MP3, listentothis.MP3 or elvis.MP3. The main content of these files is to encourage users to invest in a certain type of stock, help the spammer make a big profit from that stock.

Security researcher Joe Stewart said the probability of this type of spam is relatively low because, first, the sound quality is too bad and, second, it needs user intervention (at This is the user needs to turn on the MP3 file to hear the content). There are also some other weaknesses that MP3 spam takes up a lot of bandwidth and capacity.

But Stewart admits that this time the MP3 spam is just a test step. The next step is the MP3 spam category with better sound quality. In addition, MP3 files may also carry malicious code. When users open this MP3 file, they will not only hear the content but also be infected with malicious code.

Hoang Dung