IronPort Systems has issued a report detailing the increased
incidence of image-based spam over the last 12 months. "Image-based
spam has exploded, growing from less than 1% of all spam in June
2005 to more than 12% of all spam in June 2006," said a company
statement. "This represents more than five billion messages per
day, 78% of which pass right through first and second generation
spam filters."
Spam filtering relies on a mixture of content reading and sender
analysis to determine what is and what is not spam. Messages
embedded in a picture are not readable by traditional filters,
because the information is not text.
The trend is part of an overall resurgence in spam volumes,
according to IronPort. While spam volumes seemed to be tailing off
at the end of last year, a recent spike has attracted security
companies' attentions.
"Over the last six months spam volumes have resumed their hyper
growth rates," said the IronPort statement. "From April to June
2006 spam volumes have surged 40% worldwide. The company now
estimates that 55 billion spam messages are sent every day,
compared with 30 billion one year ago.
"With image based spam techniques, spammers are using
sophisticated methods of varying each image slightly with each spam
attack," said Tom Gillis, senior vice president at IronPort.
"[These changes are] imperceptible to end users and invisible to
signature-based filters. It is similar to snowflakes in a blizzard
– billions are sent but no two look exactly alike."
The trend was confirmed by security firm Cloudmark, which told
IDG News that half of the spam caught by its 'honeypot' system now
consists of images, a trend it said had emerged to a serious extent
in the last six months.
