Saturday July 4, 2009 10:41 PM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
 
Latest Comments
"Good! Its very good blog the for the people who are having debit collection and credit report ..."
on Fake Microsoft anti-spyware site stealing credit card info
by identity theft lawyers | Jul 4, 2009 6:55 PM
 
"nothing"
on Ads on Facebook serving up adware
by UMAIR | Jul 4, 2009 5:54 PM
 
"Thank you "
on Search engine promises completely private surfing
by Dr. Holub | Jul 4, 2009 11:17 AM
 
"Agree that wireless hotspots are an easy way for hackers to gather information from connected ..."
on New devices make hotspots a hacker's paradise
by Patrick Hooper | Jul 3, 2009 4:06 AM
 
"Katarzyna what has this got to do with Symantec?? "
on Mobile phone directory service faces consumer uproar
by PaulC | Jul 2, 2009 12:55 PM
Email Security

Picasa and Flash become latest spam tools

  • Email a Friend
  • Print Page
Related Articles
By Shaun Nichols
Sep 5, 2008 12:27 PM
Tags: Picasa | Flash | spam | tools
Google's Picasa image hosting service is fast-becoming the new tool of choice for spammers to elude e-mail filters.
Google's Picasa image hosting service is fast-becoming the new tool of choice for spammers to elude e-mail filters.

According to a recent report by security firm Message Labs, the service is being used to host the images used in spam messages. Those images can be used for such purposes and pushing fake video files or running text that can elude spam filters.

The use of images in spam is not a new phenomena. Spammers have long used image files as a way to evade the text-recognition features in anti-spam filters. The use of specialized imaging services such as Picasa, however, could make it even harder to combat spam.

Because Picasa is a Google service designed to share photos, domains used by the service are rarely blocked by email filters as the same domains are far more likely to be used to host an image the user actually wants to receive.

The streamlined nature of the service, designed to make it easier for users to upload and manage their albums, is also appealing to spammers, said Message Labs.

"The use of these images is very simple," the company explained.

"Firstly, a Picasa Web Album is created using the Google account. The album can be marked as private or public, and even with a private album, the images can still be used in an email."

The use of photo-sharing sites like Picasa are not the only way spammers are avoiding detection, however.

The company also pointed to Flash files as an emerging threat. While some exploits have in the past been launched through Flash flaws, Message Labs found that spammers are now using the files to confuse users and redirect them to attack or phishing sites.

"Using this latest technique, spammers are able to bypass many traditional content filters since the link in the message relates to a legitimate website," explained the company.

"It is expected to appear in spammed messages posted to comment pages of blog sites and social networking sites."

Copyright © 2009 vnunet.com

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Exclusive Data Centre - Sponsored Content by Microsoft
 
Messaging Whitepapers
 
Popular Tags
botnet chinese court crash critical cybercriminals death dlp email event guilty image jackson jolie malware mccolo phishing ralsky security spam