Just When You Thought Spam Couldn’t Be a Bigger Pain…

As the Web evolves into an increasingly essential part of everyday life, the sheer volume of spam grows exponentially every year — and so too do the sophisticated tactics used to send it. Now there’s an even sneakier one.



r u looking 4 ways 2 improve your FInancial st@tus?

you’re a w1nner! claim f-r-e-e credit report!

Off1ce 2OO7 Pro 79 $ _Save_ 999,95 from retalI and down1oad lnstant1y

life Is short _ dont have problems w1th erectile disfunction f0rever

hello there R free p0rn

Damn spam.

In 2001, spam accounted for about five percent of Internet traffic; by 2004, that figure had risen to more than 70 percent, according to a recent assessment of spam’s origins published in The New Yorker. Approximately 85 percent of all e-mail messages received today are spam, says Bradley Anstis, Director of Product Management for Australia-based Marshal’s Threat Research and Content Engineering (TRACE) team.

“If the current increases in spam volumes continue in 2007,” Anstis noted in a statement in February, “users can expect at least 90 percent of all e-mail received to be spam by the end of the year.”

As the spam barrage persists, clogging the arterial passages of the world’s computer networks every second, spammers continually come up with one new trick after another.

For a good part of last year, it was image spam that fooled filters and clogged inboxes. “These unsolicited commercial e-mail messages feature images that are intended to lure victims into visiting a Web site, downloading spyware or adware, or worse,” explains SearchSecurity.com’s Eric Parizo.

The kinda-good news is that Symantec’s August State of Spam Report highlights the continuing decline of image spam, which reached a low in July from its peak in January. Stats from Symantec show the volume of image spam, which the company says began to decline in May, has continued to shrink from its all-time high of 52 percent of all spam sent in January to about 15 percent of total spam. Security vendors have gotten hip to the trick and have tweaked their products accordingly to block such threats.

Now that image spam finally is on the decline, though, there appears to be an even sneakier kind of spam…

According to Symantec’s Security Response Weblog:

“Though still steadily declining, what we’ve come to think of as ‘image spam’ has not gone away. The preferred delivery method of this spam type is now PDF, which emerged in June of 2007 and was discussed in a previous post. Symantec is seeing PDF spam ranging between two to eight percent of all spam.”

PDF spam, the latest trick, is “leading the charge and destined to become this year’s version of image spam,” according to Network World. With PDF spam, the spammer sends an e-mail message with a PDF attached — which most spam filters can’t read — that attempts to convince the recipient to purchase stocks.

As if engineers don’t have enough problems with PDF documents (CAD conversions, standard formats, etc.) — now they have to contend with this?!

Meanwhile, in addition to PDFs, the use of other document attachments is on the rise, as July saw the emergence of yet more tactics focused on spamming images. These tactics include the use of Microsoft Excel files and Zip files, both of which are increasingly being used as spam receptacles.

According to the most recent monthly State of Spam report:

“Stock and pharmaceutical spam were traditionally the most common spam types sent by image spammers. As image spam has decreased, these spammers need some outlet to peddle their spam wares. The extent of spam messages using Excel and Zip files remains low at this time, but it indicates just how committed spammers are to evading anti-spam filters.”

Further, greeting card spam, which links to viruses, “remains a spammer favorite.” Though not new, it was particularly virulent in July, with more than 250 million such spam messages having been targeted toward a sample set of customers. The content of these messages included links ranging from everyday greetings to holiday-specific cards, such as the July 4th holiday. Each message contains a link to the “greeting card,” which, when clicked, delivers a downloader — a program that accesses the Internet and downloads a Trojan onto the computer.

Moreover, spam containing Chinese top-level domains — “cn” — significantly increased.

Every computer user in the United States knows one of the most common attacks: “male enhancement” medication spam. Well, according to Symantec, the European market — in particular the Italian market — is now seeing this spam type, as well. (Welcome to the club, amici!) What is different about this version is that all the subject lines of the messages observed were designed to make it look like the e-mail was from a friend.

Returning to work every Monday, I find myself spending at least the first hour of the workday wading through dating-service spam and ads for products designed to help those dates succeed. I receive hundreds of e-mail messages offering — through surgical, mechanical and, above all, pharmaceutical means — to help “pr0long” my “endurance,” as one spammer put it. Typically, there are also several hundred solicitations for low- and no-interest car loans, automatic mortgage approvals, sleeping pills, heart medicines (which, I assume, would come in handy if I decided to “pr0long” my “endurance”), diet aids, bootlegged software, “r0lex” watches, online casinos, “b00tylicious mp3s” and laptops — plus jobs that promise to let me work at home, do practically nothing and earn millions of dollars.

In all, each month thousands of these fantastic(al) offers are filtered straight to my various spam folders. Another hundred or so make it to my in-box. None of this takes into account the several hundred blog spam — “splog” — messages every hour that await authorization for publication on the IMT blog.

Let me reemphasize this, because I’m not sure you’re taking the journey with me: several hundred in any given hour, on top of e-mail spam.

So please bear with us if a comment you leave on one of our posts does not appear immediately (reader comments are ALWAYS welcome) or if we don’t immediately respond to an e-mail, as we’re probably sifting through it all to separate real messages and comments from these offers that are simply too good to be true.

And if a colleague or family member doesn’t immediately send a “ha ha ROFL” response to the silly picture you e-mailed of a cat poking its head through a ceiling, please give that recipient a break, too. He or she is probably mulling over whether or not to help the dead Nigerian dictator’s exiled widow get possession of $25 million in cash and thus receive a multimillion-dollar commission for “your kindness.” That’s a heavy burden.

Damn spam.

Copyright © 2012 Thomas Publishing Company