- Is Microsoft preparing us to move beyond Vista?
- Why Google wanted to lose wireless spectrum auction
- iPhone shortage fuels rumors of imminent 3G phone
- XP for cheap PCs: a second crack in the wall
- Darts into data: Leveraging random action to competitive advantage
- Most iPhone buyers are existing Apple customers
- AT&T's so-called open network principles
- Mono dev tool offered
- ActiveState upgrades IDE
- Serena plans SaaS products
February 23, 2005 | Comments: (0)
Batten down the hatches for IM spam
Instant messaging spam has arrived and the potentially dangerous annoyance is bound to get worse.
New research released this week by Pew Internet & American Life Project indicates that about 17 million U.S. adults have received IM spam, or spim. Pew conducted a telephone survey of 2,200 U.S. adults in January and February this year and found that 30 percent of IM users had received spim.
What's worse is that spim is projected to skyrocket. According to The Radicati Group, spim will grow from 1.2 billion messages by year-end 2004 to 17.9 billion messages in 2008.
IM is becoming a growing target for spam and viruses due to expanding IM usage in consumer and corporate settings and because spammers are seeking to unearth new, lucrative opportunities.
Although not nearly as common as e-mail spam, spim holds the potential to be much more dangerous than spam, said Michael Osterman, president of Osterman Research.
"The problem is potentially more serious because of the nature of IM spam," Osterman said. "IM spam tends to more virus-like. Instead of just getting an annoying e-mail, with [spim] you may get infected with a trojan horse. And once it gets into your buddy list, it can spread very quickly."
In the contact list set up of IM, a link sent from a trusted sender might be opened more readily than would a spam e-mail message sent from an unknown address or an e-mail virus sent from an acquaintance.
"Part of the problem with IM viruses is if one individual gets infected, everyone gets infected. If you see a message from a trusted sender on your buddy list you are likely to click on it," Osterman said.
For enterprise IM, the tipping point has yet to arrive, according to Jonathan Christensen, CTO of IM security and compliance vendor FaceTime Communications.
Major enterprise IM vendors including IBM and Microsoft are working to federate the typically centralized and closed corporate IM systems. This move will enable private IM systems to connect to IM users outside a company's firewall. While necessary to deliver real-time communications to business partners and customers, this move may exacerbate the nascent spim issue.
"The next generation of enterprise networks will include federation technologies so they can connect in similar ways [that] e-mail connects today," Christensen said. "Potentially, it [could be] SMTP all over again."
Today's enterprise IM deployments need to reach beyond their own network population to connect to other networks, Christensen said. That connectivity will deliver a more standards-based IM infrastructure, but also could introduce new vulnerabilities, he added.
"The spim problem could get a lot worse, depending on what security is embedded and the care with which enterprise IT rolls the products out," Christensen said.
If enterprises are not careful, "they will end up with a wide open architecture, [which is] where e-mail is today," he said.
Posted by Cathleen Moore on February 23, 2005 03:50 PM
RATE THIS ARTICLE:
-
- COMMENTS
TOP STORIES
ADDITIONAL RESOURCES
- Do you have the power to resolve technical issues with one call?
- Take control of your content- leverage Microsoft SharePoint
- Keeping the E-Mail Flowing
- SGI Adaptive Data Warehouse: Building a High-End Oracle Data Warehouse
- Five Steps to Secure Outsourced Application Development
- Global Shared Memory: Performance and Productivity Breakthroughs
