Endpoint Protection

 View Only

Image Stock Spam Reemerges 

Jun 26, 2014 03:49 PM

Image spam has been around for a longtime and peaked in January 2007 when Symantec estimated that image spam accounted for nearly 52 percent of all spam. Pump-and-dump image stock spam made up a significant portion of that 52 percent. Image spam has been in hibernation mode for a long time until recently when Symantec detected a significant increase in these attacks from our global Intelligence network.

Between June 20 and June 23, 52.25 percent of spam messages contained an image, compared to just 2.23 percent between June 13 and June 19. As with the last wave of image spam, image stock spam made up a significant portion of image spam messages. 

Image Stock 1 edit.jpg

Figure 1. Significant increase in image spam

Pump-and-dump image stock spam’s main problem stems from how it can cause financial loss to the email recipient. It can also put a strain on email infrastructures, due to a large message size, that could prevent end users from receiving legitimate email.

We have observed the following “Subject:” headers from this image stock spam attack:

  • Subject: Another Big Report this Monday at the open!
  • Subject: We've Just Come Across Something Huge!
  • Subject: Financial News: Our New Stock Alert!
  • Subject: Daily Stocks Tips
  • Subject: This stock will go nuts today
  • Subject: [REMOVED] Newsdesk - This is the next big stock play

We have seen the following images used by the spammer in this image stock spam attack:

Image Stock 2 edit.jpg

Figure 2. Image stock spam sample

Image Stock 3 edit.jpg

Figure 3. Image stock spam sample

Image Stock 4 edit.jpg

Figure 4. Image stock spam sample

Image Stock 5  edit.jpg

Figure 5. Image stock spam sample

This also leads into another side effect from image stock spam. Not surprisingly, the share price for the stock being promoted in this image stock spam attack has increased by 21.58 percent between June 19 and June 23.    

Image Stock 6 edit.jpg

Figure 6. Share price between June 19 and June 23

We will continue to monitor this spam attack and create additional filters to protect our customers.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.