Secure Computing Corporation
Secure Computing
   
  
   
  White paper executive
   summary
 
  Download white paper  
  Sign up for an evaluation  
  TrustedSource  
  Press release  

According to Jonathan Zittrain, a professor of Internet governance and regulation at Oxford University, at least 50 percent of all email is spam, in some cases as much as 80 percent. And although image-based spam has always been around, it has become more popular because it is trickier for security systems to stop than text-based emails.

Straight Talk on Image Spam

One-hour panel discussion with members of Secure Computing's world-class Research team
Speaker: Paul Judge - Chief Technology Officer, Secure Computing

View Webcast

 

How To Protect Your Company and Employees from Image Spam

Over the past year global spam volumes have tripled, and Secure Computing Research has seen an increase of 50 percent in just the past six weeks. Spam now accounts for nearly 90% of all email.  In that same time, there has also been a tripling in the amount of spam that is image spam, which today accounts for 30 percent of all spam.

Image-based spam is a particularly difficult problem for a couple of reasons. It is much harder to detect with older, conventional content analysis spam filters. Further, it is typically much larger than normal text-based spam, consuming much more bandwidth and storage. Finally, because these messages don't contain clickable URLs to lure recipients to Web sites, the typical call-to-action has changed to "hot stock tips" which rely on recipients bidding up the price of over the counter stocks, which the spammers then dump for a profit. To learn more about what image spam looks like, its characteristics, and who is sending it, read our free white paper:
Image Spam: The Latest Attack on the Enterprise Inbox.
For more information, please see our Executive Summary for the paper below

It is imperative that email administrators and network security managers remain informed about image spam and its consequences for the unprotected enterprise, and that they take action to remain in front of the threat. Here are some suggestions for doing that.

Technology Response to Image Spam

Use Gateway Defenses
All spam is best blocked at the network perimeter, or gateway, to keep it from affecting the performance of mail servers, to keep from wasting space in archives, and to keep it away from end users. If your spam defenses are still running on the mail server, or on the desktop, it's time to switch to a gateway based solution like Secure Computing's IronMail

Use Reputation Systems
Because the content of an image spam is difficult to analyze, it becomes more important than ever to use an anti-spam solution that employs reputation information. Insist on real-time data about the reputation of sending computers, as well as of messages themselves. Look for a vendor with the broadest and deepest reputation dataset, like Secure Computing's TrustedSource®

Use Cutting Edge Image Analysis
Make sure your anti-spam vendor offers robust image analysis algorithms that can detect patterns in images, even when the images all vary slightly. This helps block new image spams before they've been identified by reputation systems.

Use The Current Version
Just as with viruses, spam protection is at its most effective when the software is up to date, and the reputation data, fingerprints, and patterns are all current. If you haven't upgraded your anti-spam appliance's software in a while, this is a good time to. And make sure you have set your appliance to check for reputation data updates at least hourly. Visit our Support section for information about the latest version of IronMail.

Other Best Practices for Dealing With Image Spam

Educate End Users
As mentioned earlier, the "call to action" of image spam is different. They may tout herbal remedies like old fashioned spam, but more and more, spammers are making their money in the "penny" stock market. Image spam promotes small cap stocks traded Over The Counter (OTC). The spammers buy shares, then promote the stock with image spam. Recipients are encouraged to buy shares too, driving up prices. The spammers then dump their holdings, making a profit and depressing prices. As likely as not, the victims are stuck with worthless stocks. Educate your end users about these schemes so they'll know not to fall for them if an image spam gets past your filters and into their inbox.

Submit Spam Samples for Analysis
If an image spam does get past your spam filter, send it to your anti-spam vendor for analysis. This helps the vendor stay abreast of the latest spam messages, so they can keep their algorithms and their reputation data as up to date as possible.

Conclusion
The spam wars have been renewed with vigor by spammers who have developed new message types, like image spam, and new calls to action, so they can remain in business. While it may be annoying to see the spammers continue their assaults, keep in mind that the problem can be dealt with by using current, robust solutions and following these simple, common sense suggestions.

White Paper Executive Summary
The recent surge in spam volumes is due in large part to the advancement in image spam technology. In keeping with their standard operating tactics, spammers are constantly creating new techniques either in response to, or in advance of, anti-spam software solutions. By avoiding reliance on OCR and applying TrustedSource reputation to each sender and message encountered, IronMail is able to block more image spam, at a higher rate and with lower false positives than any other gateway security provider. By combining years of industry-leading research with the power of Secure Computing’s global network of sensors, TrustedSource continues its tradition of keeping enterprises ahead of spammers and other lurking threats.

Download white paper
Image Spam: The Latest Attack on the Enterprise Inbox.