Welcome To Iconocast

Recent News on the Keywords, text scanners + spammers use + your , Related to the Article Below:

Nearly seven in ten junk emails are images

Spammers use graphics to fool text scanners - and they are eating up your bandwidth

Spam using images rather than text now accounts for most junk email, according to McAfee.

The change began in late 2005 to counter aggressive spam filtering which blocks emails containing certain words or phrases. By last October 40 percent of spam was image-based, and by the end of the year the proportion had risen to 65 percent.

As an image spam is typically three to four times the size of the average text email, it is taking a significant slice of people's bandwidth - and some users pay by the gigabyte.

Article continues below and (thank you)

McAfee says one of the problems it and other security companies are facing in the image-spam battle is that analysing the content of an image is CPU intensive since optical character recognition (OCR) is required to pick out individual words.

The task is made even more difficult because in most cases each image contains random background noise or has a random file name, making it unique. Animated gifs and multi-layer image files are even more advanced techniques send unsolicited messages across.

McAfee's claims its anti-spam doesn't analyse images because of the processing power but instead looks at the source of the email and a summary of the contents of the e-mail.

It states its detection rates are 99 per cent or more, but doesn't say how many false positives it gets using this method.

Image-Based Spam a Server Threat
January 11, 2007
By Andy Patrizio

Spammers often change tactics to try and stay ahead of the curve, and the latest is image-based spam.

Because spam blockers have become so efficient at detecting text-based spam, no matter how many different ways they try to spell "mortgage" and "Viagra," the spammers have added a new weapon to their arsenal: the graphic file.

By spamming people with a small .jpeg or .gif file with the embedded text, spam blockers usually let the letter go through. The problem is these image-based spam letters are considerably larger in size than text-based spam, which wreaks havoc on the e-mail servers, and they take longer to process.

"This is the huge size increase in the size of spam. Even a small increase in image spam means a huge increase in the file size of spam being sent around," Mikko Hypponen, chief research officer for antivirus vendor F-Secure, told internetnews.com.

Hypponen puts image-based spam at around 35 percent of all spam currently clogging the Internet. Fortunately, said Hypponen, e-mail accounts for very little of the total Internet traffic. So alarmist stories that image-based spam could bring the Internet to a crashing halt are unfounded.

"The Internet as a whole is not going to come to a standstill from e-mail, but e-mail of itself is a different thing," he said. SMTP-based e-mail used today is the same design from the late 1960s when the Internet was born as a Defense Department project with a few dozen users.

It still has no real authentication, no security and no guarantees of e-mail delivery in the protocol. "The only reason e-mail works as well as it does is the goodwill of the people, because they aren't trying to break things," he said.

Peter Firstbrook, security research director for Gartner, confirmed the explosive effect of image spam on e-mail servers. He said it went from 6 percent of all spam in Q3 of 2006 to 30 percent by Q4, a near sevenfold increase in one quarter.

"E-mail isn't the biggest bandwidth hog, but it is a CPU and MTA [Message Transfer Agent] hog," he said. He's talked to clients that had to turn off mail queuing to allow the backlog to be processed, and as soon as they opened up the mail servers, they got overwhelmed again.

The solution is not easy. Stopping to examine graphics files means a log jam at the mail server and MTA, which could mean lost or bounced e-mail. And while client-side spam blockers like Symantec's Brightmail and Cloudmark Desktop work well, the best place is to block spam at the edge of the network. Most developers of client-side spam blockers, including Symantec and Cloudmark, do offer a server-side protection.

"It saves bandwidth between the server and user and doesn't pile up the user with image files. Most corporations don't even want [spam] in their e-mail servers. You've got to block at firewall, before the mail server," said Hypponen.

Firstbrook agrees. "You gotta drop this stuff at the boundary. You can't process everything. You gotta say, 'I can't trust this sender; I'm not accepting this message.'" That means if you get a dozen letters from a known spammer e-mail address or IP address, it's likely that future letters will also be spam.

To get around this, authentication and secure delivery are necessary, along with reputation-based systems at the firewall. But there's a simpler solution, too: check your own computer.

"Eighty to 90 percent of spam comes from bot-infected  computers, and almost all North American spam comes from bots. There are more than 200,000 new bots every week. As a community, we're all less safe because of those people," said Firstbrook.

"Those people" are regular users, most likely home users, whose computers are infected and they don't know it, because they aren't using any form of security or malware  detection.

Firstbrook said ISPs are in a position to know who is infected because they can see the traffic patterns, and they should warn customers, if not shut them off outright.

AOL originally sold McAfee VirusScan but found it was more economical to give it away to its customers. "They got fewer helpdesk calls and saw less bandwidth use," he continued. "Other ISPs need to follow this example and help their customers be more secure."

Branding Laws · Internet Marketing · eMarketing · Internet Advertising · Online Branding
Search Engine Optimization & Marketing · Naming · Privacy Policy · Home · Contact Us

Our Services and AFFORDABLE WEBSITE DESIGNS