'Image spam' could bring the internet to a standstill
Last updated at 11:52am on 10.01.07
At first, they seem like your average junk email, containing share tips or an advertisement for Viagra, along with a small, slightly garbled picture.
But this, experts say, is the spam that could bring the internet to a virtual standstill this year.
To bypass anti-spam software, the emails use an image instead of text.
In the past six months, this "image spam" has seen a massive increase and now represents 35 per cent of all junk email, according to security software firm F-Secure.
Mikko Hypponen, chief research officer, said: "Image spam is taking up 70 per cent of the bandwidth bulge on account of the large file sizes every single one represents."
The emails, generally containing stock tips, come from gangs and even bored teenagers in the United States and Russia trying to inflate prices in a swindle called "pump-and-dump".
They promise that a cheap, usually American, stock will take off. The perpetrator then dumps his stock as buyers leap in before it collapses.
Dmitri Allperovitch of computer security company CipherTrust said: "They're niche companies with no profit and no products, so when you see a spike from almost no trades to two or three million when the spam is sent out, you know there were a lot of people who fell for it."
Researchers believe hackers have targeted the recipients of computers at Christmas and are using these machines. Most spam is sent by "botnets" - machines hijacked by hackers to send out email on their behalf.
Some researchers estimate about 10 per cent of the world's 650 million online computers are botnet victims. They say this year has already shown just how large the networks after one of the biggest crashed, resulting in a 30 per cent fall in spam for the week it was disabled.
Diego d'Ambra of email monitors SoftScan said: "For years spam has just been steadily going up. A major botnet was almost certainly the cause of the fluctuation since botnets are now the single biggest factor in spam generation."
In the most notorious case so far, Jonathan Lebed, 15, from New Jersey, was prosecuted in 2000 for failing to disclose an interest in the shares he was promoting in chat rooms.
Lebed agreed to pay $285,000 (£150,900), which is thought to be significantly less than he made.
He claims to have gone legitimate with a stock-picking website.
Reader views (9)
Here's a sample of the latest views published.
One way to stop image spam is to only accept plain text e-mails.
- Matthew, Missouri, USA
Strip images at the backbone level. Maybe ISP's will need to cap the amount of data sent via smtp per hour on non-commercial accounts and force commercial accounts to take responsibility for their poor security on workstations.
- John, Penticton, B.C. Canada
I get some of these image spam messages from time to time. I throw them in the trash and don't worry about them. One reason that I don't get too many of them is that I don't give out my email address willy-nilly. I used to work in a public library computer lab. I would see patrons posting their email addresses in chat rooms and on message boards. Then they would ask me why they were getting hundreds of spam emails every day. I tried to explain it to them, but I guess there's a reason why they were using library computers rather than having their own.
- Ollie, Joplin, MO USA
a new technique being used to stop spam is really working and should be brought to the attention of server admins everywhere. the technique is called 'greylisting' and what it does is automatically reject all emails as a first step... most legit mail servers will resend the email and it gets through but spammers generally avoid re-posting the emails if rejected because it gets them on blacklists much quicker. my hosting company implemented it recently and I went from hundreds of spam per day to around 1 or 2 at most. it is easy to implement and cuts down on server resource use massively.
- Brad, Winnipeg, MB
There is never a 'need' for images in an email and everywhere I have worked, we strip out images at the gateway and read all email as plaintext. It's been that way for years.
- Jason, Indianapolis, USA
Dave Davies, I have tried things like this and the customer fallout was bad. Unfortunately there are too many people who use email use and rely on images in their messages. Most of them do not understand how to use a whitelisting mechanism, and do not want to learn how to do so. It seems simple for us computer literate, but for the masses, a lot of who can barely even _read_, anything of the sort is 'bad service'. There are so many good ways to shutdown spam but the PR and/or customer service nightmares created by doing so prevent it from being done.
- Anon Isp Sysadmin, Virginia, USA
I wonder how well Mr Davies' idea will work in a commercial environment? Does one already know who will be one's future customers?
- John Burgess, Sarasota, USA
I only am wishing that we could also spam television and radio, as that would save Western civilization from exposure to the mental toxicity of the brain flatulance emitted from those who produce the the same. Power outages are the most peaceful times of life you know.
- Racy Trackz, Islamisbad
Simple - Have your Internet/e-mail provider act now and refuse to accept pictures from addresses unless you have pre-approved them.
- Dave Davies, Basingstoke
Tonight:
14°c

It’s amazing to learn they did any research at all — unless it was into farting and foreskins





