Scammers adding layers to image spam

Email users should be on the lookout for an advanced type of image spam featuring a new technical wrinkle, researchers said today.

Spammers are now using multiple frames within animated .gif files to hide messages. The technique bypasses most anti-spam gates now in use, according to Internet Security Systems (ISS).

Hackers often use multiple, layered frames to disguise their message in this new form of image spam, experts said.

Gunter Ollman, director of ISS's X-Force lab, told SCMagazine.com today that messages spammed in this way are more unique than other types of spam.

"The message is hidden in one of the frames," he said. "And what we're also seeing is the generation of these .gif files build up the actual message."

According to a CipherTrust survey last month, 30 percent of all spam sent today is image spam. In May of last year, it made up only 3 percent of all spam messages sent.

Dmitri Alperovitch, research engineer at CipherTrust, told SCMagazine.com today that his company has seen a major jump in image spam since the beginning of this year, with more complicated tactics in just the past month.

"Since the beginning of the year, we started to see a major uptick in image spam - (that was) about 30 percent of what we're now seeing. We used to rarely see spammers employ randomization techniques in their signatures," he said. "Now they're employing many randomization techniques, playing with the colors, playing with the sizes, and now they're using animation."

Click here to email Frank Washkuch Jr.

Sign up to our newsletters