The Scourge of Image Spam

Found on CSO Online on Wednesday, 16 May 2007

E-mail solicitations that use graphical images of text to avoid filters are not new. Recently, however, they became more sophisticated and account for roughly 40 percent of spam today.

The spammer's challenge, then, is to deliver something that the filter hasn't yet learned is spam. Eventually, the filter incorporates the new derivations into its list of spammy traits. Then the spammer changes convention again, and on and on.

Spammers have made image spam really effective by using not just one but multiple filter-thwarting techniques. Some confuse optical character recognition filters, some automatically alter images to create randomness, and some even buffer against defenses that don't yet exist but that spammers anticipate will be built in response to image spam.

The solution? Drop emails with GIF/JPG attachments smaller than 50kB. Holiday snapshots will make it pass those filters, since images from digicams are way bigger. Spammers still have to keep the emails as small as possible so they can pump out as many as possible in a period of time. The larger their spammail gets, the smaller the amount they can deliver.

Browse all articles« Previous « » Next »