Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Word has it that spammers have started circumventing the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) system used by Google’s email service, Gmail. It can be recalled that a similar issue happened with the Windows Live mail service a few weeks back.

    The two attacks are pretty similar in terms of using bots to register new email accounts. However, the Gmail attack is considered more complicated since it uses two compromised hosts in its attempts to break into the Google CAPTCHA system. The first host attempts to extract a copy of the CAPTCHA image in bitmap format then attempts to break the code. In case it fails, a second host uses the same image, but breaks it down into segments then sends it as a portable image or graphic file. Segmentation is the only task where humans still outperform bots, but it is steadily gaining attention and focus among spammers and bot herders.

    It is apparent in the mechanism above that Google CAPTCHAs are a lot harder to break than those from other email services—and it better be. Gmail provides a very wide window of opportunity for spammers in leveraging Google’s wide range of services for free. The popularity of Google makes it difficult to track spammers among the millions of users across the globe. This further makes Google’s domains highly unlikely to get blacklisted.

    Although breaking the Google CAPTCHA is of a very low percentage as of yet, we cannot deny that it works. We can expect more innovations in the future, and far more effective and creative ways of dealing with bots should definitely be in the to-do lists of email service providers as well.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice