Image Spam Used for Stock Fraud

MessageLabs has released its May 2007 Intelligence Report, which details specifics of security and threat activity for the month. The report noted that “image spam” accounted for 15 percent to 20 percent of spam in May.

Image spam is generated when botnets take a text message from a command to a control channel and turn that into an image that contains text.

The botnets have a template that can generate code and an image, and that image will be different every time the e-mail is sent. The content itself is the same, but the code in the botnet engine itself makes slight changes such as altering one pixel in the background of the image, adding extra lines or making the text slightly distorted.

This allows image spam to avoid detection by optical character-recognition anti-spam technology.

“It’s all about trying to defeat anti-spam countermeasures,” said Paul Wood, MessageLabs senior analyst. “If it’s just plain text, you can read the contents, you can fingerprint it, look for certain keywords, but if it’s an image, that becomes so much more difficult. If you have to use optical character recognition, then you are expending a lot more CPU cycles and a lot more resources, and it becomes much more expensive.”

He said this type of spam almost always is used to “pump and dump” low-valued shares on the stock market.

“They’re not trying to sell you Viagra or lure you to a Web site or…



Posted in Uncategorized|


Powered by WebDesk