Scammers are getting better at avoiding filters by using file formats not generally blocked or difficult for filters to disassemble. First there was “image spam”, then the spam that used the PDF file format. And now the newest version of MP3 spam is spreading rapidly. Last week this audio form of spam has risen from being virtually nonexistant to become 10 percent of all spam traffic, according to several security researchers.
In the MP3 version, the user receives an MP3 file that carries a name that invites clicking. Some titles include: oursong.MP3, weddingsong.MP3, smashingpumpkins.MP3, beatles.MP3, coolringtone.MP3, listentothis.MP3 and others, according to Cyberoam researchers, who are tracking the problem. The files range in size from 88KB to 150KB. When opened, the users hear a synthesized voice enticing to invest in a penny stock. The quality of a file is extremely poor and this is one of the reasons why this form of spam is destined for a lower success rate, the other reason is the amount of end user intervention required.
However, these tactics tend evolve rapidly and this could simply be a test run for a better audio spam attack in the future. And although no malware was detected in audio files so far, that “feature” could certainly be added.