Panda spots rise of non-delivery report spam

Spammers are using fake email non-delivery reports to spread spam content sent as attachments.

Details of the practice came to light last month after researchers at PandaLabs recorded a 2000% increase in the amount of different non-delivery report spam messages in circulation over the numbers detected in the first six months of the year.

Non-delivery reports are legitimate messages that are usually generated automatically and signal that an email message to a sender has failed to be delivered for some reason.

Apparently the mail server function is being exploited by spammers to distribute spam, using the sender’s real name.

“The spam content is usually sent as an attachment to the fake non-delivery notice. Although in most cases users have not sent the supposedly undelivered email, they still become curious and open it,” PandaLabs said.

It seems that most anti-spam systems consider non-delivery reports as legitimate emails and according to the company, many traditional techniques did not detect or block them up until now.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up