Spiritual Spam Becoming More Active
Dec 18, 2004 1:30 AM PT
Move over all you unsolicited ads for Vicodin and Viagra. Make way senders of ads for phony Rolex watches and new mortgages. You are about to share in-box space with something much more ethereal. Spiritual spam is on the rise.
Managed e-mail and Internet security firm MessageLabs has spotted an emerging trend for unsolicited e-mail containing religious content. Recently the company has intercepted a number of spiritual spam messages, and researchers have found other examples on the Internet.
"In recent weeks the volume of spiritual spam has increased significantly," Paul Wood, chief information security analyst for MessageLabs, told the E-Commerce Times.
Spiritual spam has been around for some time. However, until now, at 2 percent, it has been a very small proportion of all spam. Spam now accounts for around 76 percent of all e-mail traffic, according to MessageLabs.
"It has been below the radar for most security firms to pay much attention," he said.
Wood said spam analysts are not certain why activity is increasing. Since the Can-Spam Act does not regulate this type of message content, spammers might be trying new tactics.
The spiritual spam messages might also be an attempt by spammers to count responses to see how effective their messages are. Many of the messages include a link for recipients to click for an affirmation of the message.
Wood said the increase in spiritual spam might also be an attempt by the spammers to harvest a new crop of e-mail addresses.
From what MessageLabs has seen so far, the source of much of the spiritual spam is from legitimate organizations trying to sell Bibles or other religious items.
"It is mostly Christian in nature. We have not seen any Islamic spam yet," Wood said.
No Vulnerabilities Targeted
Wood said analysts do not think the spiritual spam comes with any ulterior motives yet. The messages are mostly innocuous.
"But the messages could be annoying if they do not pertain to your particular religion," he said.
So far there is no sign of spyware being associated with the spiritual spam. However, some of the messages are sent in HTML format. That makes it possible for spyware to slip in when the recipient retrieves a message or clicks on a link.
"We have not seen anything specifically related to spyware yet," Wood said.
Hallelujah! Spam Now Offering Salvation
Spiritual spam varies in nature and does not always try to sell a product or service to its recipients. Some messages want recipients to believe they can get rich through God.
In one type of spiritual spam circulating, recipients are urged to accept God and are given a prayer that can "Save you or someone that you love."
Another type of spiritual spam appears to be a variation on the well-known Nigerian scam. The sender seeks a "better Christian individual" to receive US$18.6 million for religious purposes -- but if followed though, in the end it is the spam recipient who will be lighter in the wallet.
Spiritual Spam Sample
Here is the body text to one of the prevalent spiritual spams turning up with increasing frequency.
Eternity is a really long time. If you or someone close to you has not accepted God, please do so tody [sic]. The following prayers can save you or someone that you love.
Say, "Oh God, save my soul. I'm so sorry that I have sinned against you, but I have come home. I will serve you, Lord, the rest of my life. Deliver me from all my sinful habits. Set me free! I do believe Jesus died on Calvary for me, and I believe in His blood, that there is power in His blood to wash away all my sins, all my sins!"
Say, "Come into my heart, Jesus; come on in, Jesus. Come on in!" If you meant it, He has come. If you meant it, Jesus is yours. Start reading your Bible, pray daily and believe that somebody's listening. His name is Jesus.
Other religious "spam" e-mails include an HTML section. These messages can either be viewed in an HTML editor or pasted into a text file and loaded into a browser.
The subject line of one come-on claims, "Hey, we got the truth for you and nothing but." The text includes a reference to what portends to be Proverbs 1:1-33 BBE.
The subject line of another hawks, "Hey, we hope you receive and enjoy this tidbit of gospel."
The message announces that it is from a service for the Lord and Jesus Christ. It offers to stop future messages if the recipient clicks on the unsubscribe link.
Within the text, the recipient is invited to click on the picture or the gospel for free copies of the Lord's word in text, HTML and Windows software for more advanced reading.
The message concludes with a patriotic tiding: "This is an automated message from some people who just think it needs to be heard. GOD BLESS AMERICA AND OUR TROOPS!"
Some messages end with a statement that the recipient is receiving the newsletter in response to registering with an affiliate Web site and asking to receive updates.
"This is not UCE or SPAM," it concludes.
Wood said that a trend used in numerous spiritual spam messages is to attempt to defeat filtering methods. While hidden text is typical in spam, religious spam often includes Latin passages of a Biblical nature.
A portion of such Latin hidden messages reads:
ligata et in caelo et quaecumque solveritis exiens Iesus de domo
sedebat secus mareMosi holocausta et hostias Deo veneruntque
Aaronper prophetam dicentem ex Aegypto vocavi filiumtabernaculi sui in ipso
A quick Google search reveals that "ligata et in caelo et quaecumque solveritis" is from the Book of Matthew, Chapter 18.
According to Wood, the text was probably harvested from random pages on the Internet. Spammers then chopped it around the English text and pieced it back together in attempt to evade spam filters.
The Latin text often includes various religious references -- such as Moses, Deo/Deus, Aaron per prophetam dicentem ex Aegypto -- which could be roughly translated as, "Aaron the prophet who came from Egypt."
Holiday Season Might Be Cause
Not all of the spiritual spam is malicious, Wood said. The examples show how varied the content of spam has become.
With the festive season approaching, MessageLabs believes that more spammers could take advantage of the impending celebrations. This making the impact of spam on companies who only use desktop or gateway products even more pronounced, warn company officials.