The PDF Spam Spike marks an escalation in the spam war. Spam rates, which have seen triple-digit annual growth over the past two years, spiked dramatically last week. Spammers are sending larger and larger batches of spam and using ever-evolving cloaking techniques to evade email security filters. This spike is a strong example of the latest layered threat.
A sustained flood of emails with PDF attachments, no text in the email body, and either no subject line or a vague but widely applicable business term in the subject line was unleashed last week and continues to date. The difficulty with the PDF Spam is that it mimics a common business email practice, which is to send an email with no subject line or a vague subject line, no body text, and a PDF attachment.
When fighting any spam tactic, one must always choose the right balance between stopping bad email and not stopping good email. In other words, you can stop all of the spam and accept a high number of false positives (when a legitimate message is caught in the spam filter), or you can stop most of the spam with few or no false positives.
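The trade-off above, applied to the message shape this article describes, as an added example that is not part of the original article: a shape-only rule (PDF attached, empty body, blank or vague subject) is run over sample messages to count spam caught and false positives. The vague-subject list, the function names and every sample message are assumptions constructed for illustration.

```python
from email.message import EmailMessage

# Assumption: example "vague business terms"; the article does not list the real subjects.
VAGUE_SUBJECTS = {"invoice", "report", "statement", "document"}

def build(subject, body, pdf_name):
    """Build a constructed sample message (test data, not captured mail)."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body + "\n")
    if pdf_name:
        msg.add_attachment(b"%PDF-1.4 constructed sample", maintype="application",
                           subtype="pdf", filename=pdf_name)
    return msg

def matches_pdf_spam_shape(msg):
    """True if the message has a PDF attachment, an empty body and a blank or vague subject."""
    subject = (msg.get("Subject") or "").strip().lower()
    has_pdf = any(part.get_content_type() == "application/pdf"
                  for part in msg.iter_attachments())
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content().strip() if body_part else ""
    return has_pdf and not body and (subject == "" or subject in VAGUE_SUBJECTS)

def evaluate(samples):
    """Return (spam_caught, false_positives) for the shape-only rule."""
    caught = sum(1 for m, is_spam in samples if is_spam and matches_pdf_spam_shape(m))
    false_pos = sum(1 for m, is_spam in samples
                    if not is_spam and matches_pdf_spam_shape(m))
    return caught, false_pos

# Constructed samples: (message, is_spam)
SAMPLES = [
    (build("", "", "q3.pdf"), True),
    (build("Report", "", "report.pdf"), True),
    # Legitimate mail sent the way the article says businesses often send it.
    (build("Invoice", "", "invoice_0423.pdf"), False),
    (build("Invoice", "Hi Dana, the June invoice is attached.", "invoice.pdf"), False),
    (build("Lunch?", "Noon at the usual place?", None), False),
]

if __name__ == "__main__":
    caught, false_pos = evaluate(SAMPLES)
    print(f"spam caught: {caught}/2, legitimate mail blocked: {false_pos}/3")
```

Blocking on shape alone stops both spam samples but also blocks the legitimate bodiless invoice, which is why a filter needs additional signals before acting on this pattern.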
Security filters will adjust to the PDF spam (just as they did with Image Spam earlier this year) and will then be challenged again by something new. The name of the game is to stop the known stuff and withstand heavy barrages of the new stuff, without losing legitimate email in the process.