New Image Spam Threat Uses PDF Files

The good news is that image spam continues to subside, now averaging 14.5% of all spam e-mails in June, down from 27% and 37% in the months of April and March respectively, Symantec reported Monday in its July monthly State of Spam report. At its peak in January, image spam accounted for more than half of all spam. The bad news is that this doesn't mean that image spam is going away, as Symantec is seeing an increase in new spam techniques that reference spam images in different ways.

Image spam uses a graphic embedded in or attached to an e-mail, rather than regular text, because it makes it harder for anti-spam software to detect words that generally send up red flags that the message is a piece of spam.

Image spammers have started an emerging trend known as PDF image spam, which Symantec has seen in two variations. The first is an e-mail with a PDF attachment that appears to be a legitimate stock newsletter. "The newsletter looks professional and does not contain any noise or distortions which would normally be associated with image spam," Symantec reported.

In the second variant, the PDF attached to the e-mail contains a stock spam image, similar to image spam attacks focusing on stocks. The goal is to evade anti-spam filters that depend on being able to read the text of a message, Symantec reported. This variant of PDF image spam was targeted to over 30 million end users in just 10 days, between June 17th and 27th.

But the PDF image spam was just one of a litany of creative attempts to fool e-mail users into downloading malware or visiting phishing sites. Another popular scam played on the get-rich-quick instinct in e-mail users, offering them a phone number to call in order to access a lump sum of money with seemingly no strings attached. This spam e-mail was targeted to more than 32 million end users between June 7th and 27th.

Product e-mail attacks, at 26% of all spam measured by messages passing through the Symantec Probe Network, are the most prevalent type of junk e-mail, offering or advertising general goods and services. Financial e-mail attacks make up 21% of spam volume and contain references or offers related to money, the stock market, or other financial "opportunities." Sixteen percent of spam consists of Internet e-mail attacks that offer or advertise Internet or computer-related products and services.

Spam has become such a scourge to e-mail users that Google said Monday that it's going to plunk down $625 million to buy Postini, a provider of e-mail security services.