Spammers bypass Google's Gmail signup security

An Internet research firm discovered spam bots are now able to register on Google's Gmail for spamming purposes. This latest attempt by spammers has been the most sophisticated recorded attempt to get around CAPTCHA, using both humans and bots.

The Completely Automoated Public Turing test to tell Computers and Humans Apart (CAPTCHA) test is designed to stop bots from being able to register on Web sites and Internet e-mail services to spam users. CAPTCHA technology is the jumbled letters in a small box that you must enter before being able to finish registration on most popular Web sites.

Google is the ideal target for spammers for a number of reasons, including a wide variety of services that can be targeted. Plus, it's free to register, and Google services are very unlikely to get blacklisted by companies.

Gmail will also remain a viable target since it's free and has a large number of users from around the world.

Just 1 out of every 5 bots is successful at registering through Gmail, but it appears the bigger problem is the organized group requesting humans help them slide by the CAPTCHA for a small sum of money.

Security research firm WebSense published a detailed look into how the CAPTCHA system is manipulated.

The Microsoft Windows Live Mail CAPTCHA defense was also compromised several weeks ago, using the same methods as Google.

Researchers have been looking into new anti-spamming technologies to offer a backup to CAPTCHA, but progress has been slow gowing. The problem with many new technologies, including CAPTCHA in some cases, is that it does deter spammers but also manages to deter many users trying to legitimately register for an e-mail account.