Samker's Computer Forum - SCforum.info
World TOP Headlines: => Latest Security News & Alerts => Topic started by: Amker on 16. June 2007., 17:55:35
-
A new type of image spam found this week is able to bypass many filters by presenting a message as wallpaper within an e-mail, according to the vendor Secure Computing.
Image spam uses text embedded in an image to foil traditional spam filters that catch spam by scanning messages for key words and by using other text-based techniques.
Normal image spam is delivered as an attachment or loaded into an e-mail via a url, says Paul Henry, vice president of strategic accounts for Secure Computing.
But a new type of image spam Secure Computing found this week takes advantage of e-mail stationery, which consists of an HTML template. When used legitimately, the template might contain a company’s logo and the sender’s name and contact information, just like a piece of letterhead paper.
Many antispam programs are trained to ignore these backgrounds, or wallpaper, because they are often used to send real e-mails, according to Secure Computing. The new spam e-mail, which promotes a pump-and-dump stock scam, puts the text within one of these stationery backgrounds, the vendor says.
“This latest twist we just saw is really interesting,” Henry says. “It’s going to be yet another update that will have to be made to the filtering programs in order to be effective in blocking this new methodology.”
The new threat comes just a couple weeks after statistics from McAfee indicated that image spam’s prevalence had fallen drastically since the beginning of the year.
The new type of image spam could be used for pharmaceutical schemes or perhaps malware attacks, the vendor says. Secure Computing claims its own product, which filters e-mail based on a sender’s reputation, can block this type of spam.
“It’s going to increase the amount of spam people are going to see in their in-boxes. It’s yet another way to bypass a spam filter,” Henry says. “If you think about it, these guys are pretty crafty.