Image spam made a notable return to email inboxes in 2013. Although it hadn’t been seen since its heyday back in 2006 and 2007 when more than 40 percent of all email spam contained a malicious image attachment (with the exception of two very short and not particularly noteworthy comebacks in 2008 and 2009), it started another comeback in late 2013, and as it tends to do, it has since gone away.
The first wave of image spam attacks started in December 2013 and rose from roughly one percent to around 28 percent in early December, then peaked at 50 percent later in the month. Over the next two weeks it peaked and fell dramatically, and has made a few minor appearances ever since.
So what is image spam and is it a problem considering it comes and goes so sporadically? Image spam works by circumventing the analysis of the email account’s spam filters, like SpamAssassin or Bogofilter, for example.
And whilst it hasn’t made much of an appearance since its short comeback around the 2013/14 holiday period, its tendency to account for such a significant amount of all spam emails sent should make it a concern for business organisations and individuals.
However, new techniques don’t appear to have been used, and some experts describe the use of few image variations, and the length of time the same URLs are used, as ‘old-fashioned’. Perhaps hackers assume most spam filters aren’t prepared for large image-based spam attacks. Let’s hope they aren’t correct.