Two major e-mail security groups have recently reported an increase in image spam – spam that carries its message in an image to evade filtering based on text. Image spam boomed in 2007, but declined as security companies found ways to detect it.
The recent “second wave” uses a mechanism that changes each image very slightly to confound detection.
Image spam also evades detection a second way, by carrying graphic images of malicious URLs which can’t be read as text and filtered:
Symantec’s Message Labs researchers, in their second quarter report, said they’d found eight to 10 percent of the spam they filtered in June was image spam.
The Message Labs researchers said in May 34 per cent of unsolicited emails were image spam.
IBM’s Internet Security System’s X-Force said its researchers had found that 25 percent of spam was based on images at the end of April.
According to Sunbelt Labs researcher Patrick Jordan, the bulk of image spam advertises Viagra and similar pills and comes from computers in China.
See story here.
Tom Kelchner