Spammers are taking advantage of hosted web services to spread malware.
Tools such as Google Docs and Microsoft SkyDrive are being used by criminals to publish malicious content.

The shift in method is being adopted as security vendors are having success filtering out emails that link to malicious web sites.

The new breed of spam emails contain links to a Google document which hosts links on another site.

“The method is effective because it gives spammers unlimited bandwidth, and no spam filter blocks emails with a Google link,” said Paul Wood, senior analyst at MessageLabs, which uncovered the practice in its monthly intelligence report.

Spammers are also taking advantage of Google Analytics to gauge their success. The technique is new and has been used infrequently in the past month.

It could also be used for phishing emails directing people to malware-hosting sites.
Used in combination with botnets such as Srizbi that send out unprecedented amounts of spam, the method could greatly increase spammers’ efficiency.

The technique represents new challenges for Google, Microsoft and Yahoo, and is likely to grow as web hosting popularity makes it hard to identify rogue content.
Google Docs has a “report spam” function, but critics say it rarely leads to pages being shut down.

MessageLabs said it has notified those hosting rogue content, but has yet to see any removed.

The practice is indicative of a wider problem, said Graham Titterington, security analyst at Ovum.

“Security vendors are increasingly reliant on reputation filtering, and it is an effective technique to use big brands to shelter criminal activity,” he said.