New Image Spam Technique Warning

Media Release
Secure Computing Warns Of New Image Spam Technique With Potential To Significantly Grow Spam Volumes

Rather than attaching within an email, now links to an image or photo, such as from a popular image hosting site

Auckland, Monday May 7, 2007—Secure Computing Corporation (NASDAQ: SCUR), a leading enterprise gateway security company, has identified a new image spamming technique that allows spammers to escape most vendor's protection methods. Virtually all of the image spam that vendors deal with today involves email messages that include embedded images. This new breed of image spam, however, includes a link to an image uploaded to a popular - and legitimate- photo-sharing site, which is automatically downloaded and displayed as soon as the email is opened by a user.

Secure Computing believes there are several reasons for this paradigm shift in image spam deployment techniques. “In order to get around the new image filtering technology deployed by many anti-spam vendors in recent months, the spammers have had to go to more extreme lengths to obfuscate their images and introduce random pixels, change colours/fonts and utilise animation. This had resulted in lower level of readability of their messages and a decrease in throughput of the spam sending software. This new image spam technique opens a new channel for spammers to bypass most current vendor protection methods and infiltrate messaging infrastructures in ever greater volumes.”

“Coincidentally, this month marks the anniversary of image spam” said Eric Krieger, Country Manager for Secure Computing in New Zealand. “Through the course of the year image spam, which went from single digits to an estimate of over 30%, has gone through a number of iterations that make it harder and harder to detect. This new development makes it extremely difficult for many anti-spam providers to pick up.”

Because Secure Computing's TrustedSource™ technology employs a reputation-based approach to network security, in addition to advanced image and other content inspection, Secure Computing is able to proactively identify and block this new breed of image spam. TrustedSource has the capability of preventing this type of spam from ever entering the network by analysing the reputations of senders and websites, and then denying access to unreputable sources.

About TrustedSource
With up to 95 percent of email now classified as spam, and 90 percent of all spam sent through zombie computers, Secure Computing's TrustedSource reputation system is providing advanced spam blocking and tackling. With sensors in 64 countries, including 15 classifier machines and 20 TrustedSource real-time responders, TrustedSource scans billions of messages each month and blocks 6.2 TB of spam. It provides users with a 92 percent spam block rate, also blocking 83 percent of total mail volume well before spam reaches anti-spam filters. In addition, TrustedSource collects 100 GB of statistics daily.

TrustedSource is integrated into Secure Computing's leading enterprise gateway security appliances in addition to partner products, providing customers with the industry's most state-of-the-art line of spam defence.

For more information, please see the paper “Image Spam: The Latest Attack on the Enterprise Inbox” at http://www.securecomputing.com/webform.cfm?id=100&ref=hpbtnwp

ends

© Scoop Media