Image spammers change tactics

In recent weeks, spammers have taken advantage of online photo-hosting services, such as Imageshack and Flickr, to host their images in a technique researchers at MX Logic said this week that they don’t expect to last long.

"It’s one of those things that’s pretty easy to block based on linked images in email messages, and the providers are usually pretty quick in taking down images of this nature, or things that are pornographic or illegal," said Sam Masiello, director of the Threat Management Team at MX Logic.

Spammers have also used the image’s location as a background attribute to an email’s body tag within the message’s HTML code – a technique that’s a variation of the original image spam method of attaching an image to a message, but using an external image host.

"The more common tactic would be to set up servers themselves, or use compromised servers to host the image," Masiello said.

Researchers have reported varying statistics on image spam in recent months.

MessageLabs announced earlier this month that image spam levels held steady at 15 to 20 per cent of all junk mail.

Paul Wood, senior analyst at MessageLabs, said at the time that image spam is difficult to accurately measure because in increases sharply over short periods of time.

A report on email-borne threats from Symantec showed a 10 per cent drop in image spam from March to April, when it accounted for 27 per cent of all spam.

McAfee last month reported a drastic drop in image spam levels, with researcher Nick Kelly posting on the McAfee Avert Labs Blog that emails using the technique plummeted from 59 per cent of all spam at the start of April to 12 per cent at the end.

changeimagesecurityspammerstactics