Optical Illusion

From Pesky to Dangerous - Image-based Spam

Those of you that can remember back to 2006 may recall that High School Musical was the highest selling album of the year.  “We’re all in this together” was one of the most popular songs played at the time and, some would say, a pesky tune that would stick in your head.

It also happened to be the same time when image-based spam was at its peak, another pesky occurrence that was hammering our Inboxes (rather than our ears) at the time. However, it died out relatively quickly when a) it became too expensive/slow to send image-based spam due to the increased message size, and b) spam filters got used to the idea that these were commonplace and could easily stop them.

Thirteen years later image-based spam is back, but with the newer, darker twist of extortion rather than that of pills, porn and casinos.  We’ve all seen samples of messages where the sender claims to have infected the recipient with spyware following the recipient watching adult videos, which of course is not true.  However, recipients that are not cyber threat aware – whether curious or naïve – will, of course, take the bait.

Today’s Spam filters work in several ways to determine if the message should be treated as spam by either looking at where the message has come from, or what is contained in the message.  If the spammer composes the message using an image, that looks like text, there is a chance that it can evade most of today’s Anti-spam products as they don’t have Optical Character Recognition (OCR) built-in to inspect the image and determine what the content is.

Haven’t heard of OCR?  It’s a digital technique for analyzing images and extracting the text, so that it can be processed like a normal electronic document using DLP functionality.  This includes scanned documents to PDF, or screenshots into an image such as a JPG, plus a number of other image file types.  OCR enables the images to be analyzed during the transfer process – whether via email or when uploaded/download from websites and Cloud apps, or during transfer to removable devices.  

A further enhancement to OCR enables redaction of text in images.  You read right.  OCR working together with redaction.

Fortunately, the Clearswift SECURE Email Gateway offers OCR and text redaction in images to mitigate the sophisticated threats that cybercriminals are embedding in images, preventing sensitive data loss and, if you have a need for it, redaction of sensitive information in images.

OCR and redaction are also being built into the Clearswift Web and Endpoint products this year, so no matter what digital channel images are being shared through, Clearswift will inspect, analyze and redact threats and sensitive information.

Today it may be extortion and who knows what they’ll try next.  Clearswift will be ready.

OCR example

By Alyn Hockey, VP Product Management

More Information:

Clearswift SECURE Email Gateway

Optical Character Recognition

Adaptive Data Loss Prevention

Adaptive Redaction