Image-based spam defeats filters

Image-based spam has increased 200 per cent over the past few months

Spam messages that use images, rather than text, to ply their wares now account for 30 per cent of all unsolicited email, new figures show.

Stats released by security firm Secure Computing show that emails where spammers hide messages in image files to escape detection have increased 200 per cent over the past few months. 

Filtering image spam is more difficult than with text-based messages as traditional methods are not effective.

"Image-based spam is a particularly difficult problem for a couple of reasons," said Michael Osterman, founder and principal of Osterman Research.

"It is much harder to detect with conventional spam filtering and blocking technologies, and is typically much larger than normal text-based spam, consuming much more bandwidth and storage."

Image spam can even defeat filters that use optical character recognition software to convert images into text.

"Traditional anti-spam software depends on content filtering techniques such as keyword filtering and Bayesian analysis to detect spam," said Dr Paul Judge, chief technology officer at Secure Computing.

"Even the technology used to recognise characters from images is not effective on today's image spam.

"Spammers are using advanced mathematical and graphical techniques like random modification of image pixels and dynamic construction of images from multiple components to bypass spam filtering tools."

Secure Computing claims that its TrustedSource engine can dynamically detect and block traffic from illegitimate sources.

TrustedSource collects information on email senders and the types of email they generate by accumulating data from more than 7,000 sensors located in 48 countries.

As a result, the company claims to be able to delete image spam before it hits the corporate mail server.