Dealing with Image Spam

Spam message volumes have doubled over the past 12 months and look set to triple in the near future, as the situation is worsened by the recent emergence of image spam. Through the BorderWare Security Network (BSN), it has been observed that image spam currently accounts for at least 35% of overall spam volume, and this trend is on the rise. BorderWare data indicates that there are more than 25 image spam campaigns under way at any given time. As a result, organizations are struggling with lost productivity, end-user frustration and the need to protect against this latest threat in spam attacks.

Image spam is a technique in which the spam message consists of an image and a small amount of text. The message looks like it is 100% text-based, when in fact it is an image made to look exactly like a regular email message. In addition, while all image spam messages may look the same to an end-user, spammers have programs that automatically create each image with slightly different coloration, speckle patterns, or fonts.

This causes messages to appear unique when received and processed by spam filters. The randomness of the images and the message contents makes image-based spam difficult to classify. Current filters used to prevent image spam, including OCR and fingerprinting, are not effective against today’s image spam threats.

To help defeat these attacks, BorderWare developed Intercept™ Image Analysis, a new patent-pending technology. Intercept Image Analysis is an image classification technique, to be used in addition to the existing and effective threat detection techniques, specifically to combat image spam. Intercept Image Analysis inspects over thirty attributes of each image, including positions and relationships to other message characteristics, and is designed to adapt and learn about new image spam campaigns and to defeat known and emerging spam threats including:

- Word salads used to defeat content filters
- Randomization and speckling used to evade bulk detection and fingerprinting
- Tiling, splicing and animated GIF images used to confuse OCR

BorderWare has designed Intercept Image Analysis to be used in addition to the existing and effective threat detection techniques including:

- Sender Characteristics - Sender characteristics use information from BSN, block lists, behavioral analysis, and other features to determine the reputation of a sender.
- Connection Characteristics - Connection characteristics use heuristic information about the connection to determine whether the connecting system is a potential spammer, threat relay, or a mail server that an organization feels is trustworthy to accept a message from.
- Message Characteristics - Message characteristics use heuristic token analysis, dictionaries, URL blocklists, and other features to categorize an email message.
