Spammers manage to crack Captcha codes in Gmail

By Isabelle Chaize

MessageLabs researchers have seen a marked increase in spam coming from Gmail, Googles webmail service.

This indicates that there are serious worries concerning Gmail’s security, with the researchers saying that they believe the rise is down to a breach in the Captcha codes system.

Captcha codes are boxes designed to prevent the automatic creation of multiple accounts by spammers. They require customers to enter a sequence of numbers and letters copied from an image, which are not easily copied by a machine.

However e-mail providers are limited in their quest to stay one step ahead of potential spammers, who are developing new ways of bypassing the protection measures, by the necessity that any image they use can be realistically deciphered by a genuine human user.

Ways of decoding the Captcha boxes include using alogirthms, enlisting human help through crowdsourcing programs like the mechanical Turk, or a combination of both.

Mark Sunner, chief security analyst at MessageLabs, said ‘this is creating ever more doubt about the long-term effectiveness of Captcha as a security mechanism for email services’.

The rise in Gmail-based spam caused Gmail’s share of total spam to double in February to 2.6%. However this is still a small proportion of overall spam, especially when compared with Yahoo Mail which accounts for a huge 88.7%.

A Google spokesperson said ‘fighting spam is a never-ending battle. We disabled these accounts immediately and will continue to do so if they spread.’