Image-based spam is a nightmare facing enterprise networks

Two industry experts debate the effect image spam has on networks.

"Image is everything," or so the saying goes. For more than 1 trillion spam messages sent since April (yes, that's 1,000,000,000,000), image has literally been everything. No text, no numbers, no hyperlinks in these spams; just an image.

True, there are commercial solutions to combat this nightmare, but much of the enterprise market and most e-mail users worldwide are not yet protected by any of these solutions. Some vendors believe their product is the solution, but it's not that simple: An enterprise needs to have the time and budget to implement a new solution to stop the nightmare. And most users in small businesses, nonprofits and developing nations have neither the staff nor budget for an enterprise-grade solution.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

"Image is everything," or so the saying goes. For more than 1 trillion spam messages sent since April (yes, that's 1,000,000,000,000), image has literally been everything. No text, no numbers, no hyperlinks in these spams; just an image.

True, there are commercial solutions to combat this nightmare, but much of the enterprise market and most e-mail users worldwide are not yet protected by any of these solutions. Some vendors believe their product is the solution, but it's not that simple: An enterprise needs to have the time and budget to implement a new solution to stop the nightmare. And most users in small businesses, nonprofits and developing nations have neither the staff nor budget for an enterprise-grade solution.

More than 15 billion image spams flood the Internet per day, a tenfold increase since 2005. The average image-spam message size is 50KB, which is 10 times larger than conventional spam. These larger message sizes, combined with the increased spam volume, have caused many fragile e-mail infrastructures to buckle under the load.

More of this spam is evading filters for two reasons. First, image-spam advertisements consist of an embedded file attachment such as a .gif or .jpg without any meaningful text in the message. Most other spam includes some meaningful text and a clickable URL that spam filters can detect. Eliminating many of the common techniques used to stop spam reduces catch rates and increases the amount of spam arriving in the in-box.

Second, recent technological advancements by spammers have increased image spam's effectiveness. The primary innovation involves randomizing multiple copies of an image to appear the same to the human viewer but totally different to spam filters. For example, spammers are sending spam with an attached .gif file that has random visual "dots" inserted in the image. Image colors, the width and pattern of the border and font style also are used to randomize the image. In all of these cases, the image appears the same to the user, but its checksum is different. More spam evading filters results in more spam landing in in-boxes, reducing employee productivity and increasing IT staff workload.

Image spam also portends more dark days ahead for the Internet: Sophisticated criminals will continue to launch an endless stream of profitable, damaging attacks. The image-spam attacks urging recipients to buy penny stocks have made the spammer rich: Spammers buy the shares at a low price and "spamvertise" the stock; recipients buy the shares, driving up the stock price; then the spammers sell their original shares for a quick profit.

These criminals are capable of building sophisticated imagine-randomizing and spam-sending systems, launching billions of spams and investing their own capital in the public, heavily regulated stock markets. Angry users and e-mail outages are mere collateral damage to them. When this scam stops working, they will move on to the next one. Those who ignore what image spam attacks bode for our future do so at their own peril.