Image Spam Trying a Comeback - Without Success

Symantec has observed an increase in the use of image spam attacks over the past few weeks. Symantec defines image spam as an unsolicited message containing an image in the body.

In August, image spam attacks accounted for approximately 1.6% of total spam. In September we observed that image attacks almost doubled, representing approximately 2.6% of total spam. Over 50% of image attacks observed are English, and the second largest group of messages is Russian. In the first ten days of October, image spam messages have averaged approximately 8.6% of total spam. This is the highest mark to date over the last 90 days. From May of this year up to September, image spam was relatively quiet. As stated above, these numbers have been increasing since mid-September. We have not seen image spam of this volume since February of this year.

Commonly seen image spam messages have included Russian online dating offers, random product offerings with an image opt-out, and the all too familiar Viagra offers. Nothing is blatantly new here, but the recent volume increase is notable enough for us to ask if this old trend could be trying for a comeback.

Another observation with image spam is its connection to phishing attacks. Several phishing attacks have used images recently, which have in turn classified them as image attacks. We recently observed some large phishing attacks on banks with attached logo images. The good news is that anti-spam effectiveness is not being negatively impacted due to this trend. Symantec is effectively protecting our customers from these attacks with our anti-spam products.