Messagelabs Notes Shift In Malware Strategy

Have you receieved one of those spam emails about the latest hot stock? It usually comes as an embedded image because text would get filtered by most spam filters and antispam is still catching up to defending against image spam. But, I digress. Messagelabs is reporting that some of these emails contain not only the image spam, but also embedded links which lead to web sites hosting malware which will infect vulnerable computers. They note it as a change in strategy- to use spam to also spread malware. I disagree. Or, at the very least I find it a semantic argument. When I get an email with a malware executable file attachment, I consider that spam spreading malware. When I get an email with an executable that installs spyware, or a phishing attack trying to get me to visit a malicious web site, I consider them all malware being delivered by spam. This approach may be slightly different, but overall I don't think it is new that spam is the delivery mechanism for malware. I guess it comes down to whether you define "spam" as purely unsolicited advertisements, or as all unwanted email. I go with the latter, so all spam, virus, spyware, phishing, etc. are all spam from my point of view. Messagelabs has also noted an increase in targeted attacks. For more details, read Hackers debut spam and virus sandwich from The Register.