09-16-2006, 07:53 AM
Quote:Spam is primarily spread in four ways:
The first, and least common, is spammers that obtain temporary legal and real accounts with ISPs. This is less common because most ISPs quickly shut down these accounts. There are a few ISPs that turn a blind eye, but they are likely already known and blacklisted.
The second method used to send spam is through compromised hosts, usually workstations and home computers on high-speed connections such as DSL or cable modems. These systems are usually compromised and have become part of large networks of zombie systems called bot-nets. The owners of these bot-nets then either use them to send spam or rent them to spammers who use them to send spam. In my research, the cost to send spam through these bot-nets was very cheap - usually only a few dollars per ten thousand addresses.
The third way spam is spread is using web forms. This is an aging strategy, but remains viable. The spammers scan the Internet for vulnerable web forms, then use them to send their spam. This is much less common than before as many organizations have learned this trick and hardened their forms. I tested this by placing a form that seemed vulnerable online. It took about 96 hours for it to be found and once they identified it, spammers began trying to abuse it within one hour. The attempts continued until I removed it. This suggests that the spammer community maintains a database or list of vulnerable forms. They appear to have a level of coordination and communication...
full article: http://security.itworld.com/4774/nls_sec...age_1.html