New spamming techniques could cripple an insurance company's email capability. But Jason Ashley explains some counter-measures.
Over the past three months, email message threats have steadily changed their nature and increased in volume. Ask most people with an email account and they will tell you that they have noticed more spam in their inbox recently. Industry watchdogs have reported a sharp rise in malicious message volumes with a 20% spike in global mail volumes during July.
There are many culprits leading the field. These include old favourites such as botnets and zombies. There are systems available that can deal with these fairly easily and most people are now familiar with the forms these uninvited emails take.
However, there is a new twist in the development of spam operations. These spammers use tools to generate random images which are deployed at speeds of up to 1 million per hour. This is called image-based spam.
Image-based spam is a constant stream of unwanted messages that use embedded images in order to evade spam filters.
Using images in spam is nothing new; it has been happening for a long time.
What the spammers have developed, however, is the ability to change the image in real time for each message that's delivered. To the spam filters each message can appear as unique, which makes identification very difficult.
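The effect described above can be reproduced on constructed data. The following is an added example, not code from the article or from any product it refers to: it compares a checksum-style signature with a coarse "average hash" fingerprint over several speckled copies of one image. The average hash, the 8x8 grid, the distance threshold of 6 and all sample images are assumptions chosen for illustration.

```python
import hashlib
import random

def exact_signature(pixels):
    """Checksum-style signature: one changed pixel yields a new value."""
    return hashlib.sha256(bytes(p for row in pixels for p in row)).hexdigest()

def average_hash(pixels, grid=8):
    """Coarse fingerprint: one bit per block, set when the block is brighter than average."""
    bh, bw = len(pixels) // grid, len(pixels[0]) // grid
    means = [
        sum(pixels[y][x] for y in range(by * bh, (by + 1) * bh)
            for x in range(bx * bw, (bx + 1) * bw)) / (bh * bw)
        for by in range(grid) for bx in range(grid)
    ]
    overall = sum(means) / len(means)
    return sum(1 << i for i, m in enumerate(means) if m > overall)

def hamming(a, b):
    """Number of fingerprint bits that differ."""
    return bin(a ^ b).count("1")

def banner(size=64):
    """Constructed sample: dark horizontal bars on a light background."""
    return [[40 if (y // 8) % 2 == 0 and 8 <= x < 56 else 220
             for x in range(size)] for y in range(size)]

def checkerboard(size=64):
    """Constructed sample: an unrelated image with a different layout."""
    return [[220 if (x // 16 + y // 16) % 2 == 0 else 40
             for x in range(size)] for y in range(size)]

def speckled(image, seed, dots=15):
    """Constructed per-message variant: a few pixels set to random values."""
    rng = random.Random(seed)
    out = [row[:] for row in image]
    for _ in range(dots):
        out[rng.randrange(len(out))][rng.randrange(len(out[0]))] = rng.randrange(256)
    return out

def compare(copies=5, threshold=6):
    """Return (distinct exact signatures, variants grouped by fingerprint, distance to unrelated image)."""
    base = banner()
    variants = [speckled(base, seed) for seed in range(copies)]
    distinct = len({exact_signature(v) for v in variants})
    ref = average_hash(base)
    grouped = sum(hamming(ref, average_hash(v)) <= threshold for v in variants)
    unrelated = hamming(ref, average_hash(checkerboard()))
    return distinct, grouped, unrelated

if __name__ == "__main__":
    print(compare())
```

Every speckled copy gets its own exact signature, yet all of them fall within the fingerprint threshold of the original, while the unrelated image does not.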
With the majority of images being large 'gif' and 'jpg' files, image-based spam puts a huge amount of stress on an insurance company's infrastructure. These companies typically store massive amounts of data, requiring huge storage and bandwidth.
Image-based spam can be about eight times larger than a regular spam message - a typical message is around 8k in size, compared to 70k for messages sent with this new tactic. These messages create storage and bandwidth problems. Let them go undetected and your systems and data are severely at risk.
Insurance companies that are subject to regulatory compliance have to archive all email messages, so storage can get eaten up very quickly. Without blocking image-based spam, much of which is porn, around 25% of storage space has gone. Then of course there's always someone keen to click on the message which unleashes any manner of virus into your system.
Make no mistake, these messages aren't sent by students bored with studies and looking to make a name for themselves. This is a high-stakes, high-profit business. Businesses have to continually invest heavily to get messages delivered successfully to recipients in the face of increasingly effective anti-spam systems.
You should look at a multi-layered approach to this problem. If your company is required to archive its email for regulatory compliance you should engage a solution that blocks incoming spam outside the firewall. If the messages are stopped outside the company, they don't have to be retained.
If your company doesn't have to retain emails then choose a system that characterises the internet's messaging traffic and makes it understandable and actionable. These systems identify spammers using image proliferation and manipulation to evade detection.
Multi-identity reputation systems are the most effective means of blocking illegitimate mail. Finally, tell staff about the problem. Don't wait for them to open an unsuspected email then bolt the gate afterwards.
Jason Ashley is senior partner at BEW Global