Image spam: Not a pretty picture

Security experts warn agencies to expect more and more security problems entering their networks through something called image spam.

Image spam consists of a picture that is embedded in an HTML e-mail. Since many common anti-spam solutions rely on text scans to identify spam, image-based e-mails will slip right by. That leaves the door open for traditional spam problems, such as malware and embedded ActiveX controls.

The use of image spam is on the rise. In October, for example, image spam accounted for nearly 25 nearly of the 62 billion spam mails sent out, according anti-spam vendor IronPort. To make matters worse, image-based messages are larger in size, so they eat up more bandwidth, according to the company.

“The increase [in spam] has negatively impacted our operations and has caused work queue backups on heavily loaded systems,” said Kevin Stine, the Chief Information Security Officer for the Food and Drug Administration.

IronPort has developed software that company officials say can block nearly 98 percent of image-based spam. They do so by extracting text sections from the images and analyzing them with traditional filters. IronPort's solution also looks at how trustworthy a potential spammer's e-mail address is.

“We're not just looking at the content of the e-mail, we're actually looking at the reputation of who's sending that e-mail,” said David Mayer, product manager at IronPort.

That reputation includes analyzing the Internet protocol addresses and domain names of incoming e-mailers, checking to see how much mail that person has sent. A large number of e-mails would flag that IP or domain's “reputation,” filtering out further mail from that source.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.