E-Mail: New Spam Tricks

Just when you thought you’d mastered the art of filtering spam, the spammers have crafted another way to infiltrate your inbox: images.

Spammers are now using .gif or .jpeg files to embed their pitches for pharmaceuticals and penny stocks. Because this image-based spam typically doesn’t contain any text, it’s harder for filters that look for known URLs or suspicious words to block them.

Antispam vendor Cloudmark sets traps, known as honeypots, to lure spammers to its network, and the company reports that half of the incoming spam it snares consists of images. “About a year and a half ago we started seeing a little bit of it, but it wasn’t until the past six months that it became a serious issue,” says Adam O’Donnell, a senior research scientist with the company.

Meanwhile, Craig Sprosts, senior product manager with IronPort Systems, says image-based spam has jumped from about 1 percent of all spam messages in June 2005 to around 12 percent today. This growth is helping to fuel a global resurgence in spamming, Sprosts says.

Spammers now generate an estimated 55 billion messages per day, according to IronPort. A year ago that number was 30 billion. The combination of greater volume and more sophisticated techniques has meant more complaints for network administrators.

“I’ve had users complaining in the last few weeks about the overall increase in spam and I’ve personally noticed an increase in the percentage of it that’s image-based,” said Jonathan Forster, computing manager with the University of Arizona’s psychology department.

Administrators at electronics distributor Avnet have started stripping certain embedded image files out of all messages after seeing an uptick in image-based spam two months ago, said Rob Kudray, manager of messaging services.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Related:
NEW! Download the State of the CIO 2017 report