Problem solve Get help with specific problems with your technologies, process and projects.

Can simple antispam filters solve the image spam problem?

If your company has a problem with image spam, why not just filter it out? In this SearchSecurity.com Q&A, information security threat expert Ed Skoudis explains why filtering isn't the easy answer.

With the hype lately about image spam, I find myself wondering why companies don't just filter it out. How often does a legitimate message contain only an image? In business mail, I'd venture to say it should never happen. Even in personal mail, it's rare; people almost always include comments with the pictures they send around. Therefore, a simple rule filtering out messages lacking body text ought to take care of the problem, right?
Your suggestion is reasonable, but not a panacea. I receive a lot of spam that contains only image attachments. In fact, when searching through my antispam filter (a very un-scientific method of analysis), I estimate that about 5% of the spam I receive contains nothing more than an image. So, why not filter all images?

First, it's a distinct minority of all spam, and filtering puts a frustratingly small dent in the problem. Second, the bad guys can easily adapt and are already doing so. A few months ago, a lot of the pump-and-dump stock spam messages were purely images, but now spammers often append a bunch of gibberish words or random sentences to the email by placing them underneath the image. Third, traditional antispam solutions can detect image-based spam reasonably well, responding to hashes of the images themselves and the fact that they are spewed out in bulk. Rather than blocking image spam wholesale, we can catch it using traditional antispam filters. So, your idea of filtering them is a good one, but nothing that will put a major dent in the glut of spam.

More information:

  • Learn how IT pros are battling image spam.
  • Find out how well whitelists and blacklists can stop spam?
  • This was last published in December 2006

    Dig Deeper on Emerging cyberattacks and threats

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.