What Is Snowshoeing And Is It Dangerous

What Is Snowshoeing?

Snowshoeing is essentially spamming on a very large scale. In a typical snowshoe spamming campaign, the attacker will use multiple IP addresses to spread spam mail across various domains.

The tactic gets its name from the way in which snow shoes can spread across a wide surface area. If regular shoes are used on snow or ice, it’s more likely that you’ll sink or slip; with snow shoes, a person’s weight can be spread out more evenly. In snowshoeing, the use of multiple IP addresses instead of one spreads the spam load across various domains.

The various addresses used in a single snowshoeing attack are designed to only send out a small amount of spam. Having multiple addresses each sending a low volume of mail allows the attacker to bypass typical spam filters, giving them a greater chance of reaching a victim’s direct inbox.

So, while some spam in a snowshoeing campaign may be caught and blocked by anti-spam features, there’s a good chance that some will make it through. Even when one domain is flagged and blocked, there could be five others that are not.

Snowshoeing has been around for some years now, with its first known instance dating back to 2009. But it took a few more years for the tactic to gain prevalence among cybercriminals. Unfortunately, snowshoeing can be very successful, which has fueled its rising popularity among malicious actors.

Why Is Snowshoeing So Dangerous?

When spreading spam via snowshoeing, threat actors tend to use fake identities and business names to increase the faux legitimacy of their communications. The more professional and authentic a spam email seems, the more likely it is that a victim will interact with it. Through spam mail, various scams can be conducted, which can result in data theft, the loss of funds, or even the unauthorized control of your device.

Snowshoeing also affects real companies sending out legitimate communications. If filters are applied too heavily in order to avoid widespread spamming, you run the chance of blocking harmless domains, and even filtering out important messages. This is why many senders often ask if you’ve checked your spam folder when it seems you haven’t received their email.

Snowshoeing: An Ongoing Problem for Email Users

Email providers are no strangers to cybercrime. A range of illicit acts can be carried out via email, including phishing and the spread of malware. With snowshoeing, attackers can be even more successful in reaching potential victims, which puts millions of people at risk. Be careful about which emails you interact with and respond to, as you could be the target of a snowshoe spammer.