Spammers Island-Hop to Bypass Filters

McAfee has announced that its anti-spam researchers have been tracking a new trend nicknamed ‘spam island-hopping’, in which island-hopping spammers use the domain names of small islands as Web site links in spam campaigns to disguise themselves from spam filters that traditionally catch more well-known domains.

McAfee traced spam activity from the Isle of Man to the tiny tropical island of Tokelau in the South Pacific.

Traditionally, spammers have used well-known top level domains (TLDs) such as .com, .biz or .info. By using top level domains from small island countries, such as .im from the Isle of Man, spammers attempt to avoid detection by using domains previously unknown to spam filters. Using a lesser- known top level domain makes it harder to distinguish spam from legitimate e- mail by examining the links in the e-mails.

This trend was first discovered when McAfee researchers noticed a significant increase in the use of .st domains, which is the top level domain for Sao Tome and Principe, a pair of small islands off the west coast of Africa. This unusual activity raised a flag for McAfee’s researchers, who then tracked the spammers on a virtual migration around the globe. Subsequently, spam using top level domains from small islands has continued to increase.

More from News & Analysis

What is the US HIRE Bill and why is India’s $250-billion IT sector worried? Is the internet dead? What's this theory that OpenAI's Sam Altman says might be true?

“This new trend is another example of spammers’ relentless quest to spread their abuse of Internet domains far and wide,” said Guy Roberts, senior development manager, McAfee Anti-Spam Research & Development Team. “Some of these islands have dozens of spammed domains per square mile.”

Stopping spam requires using advanced technologies like McAfee’s anti-spam products, which use domain name reputation, IP reputation filtering, and content filtering to stop a new spam campaign in less than three minutes.