The company said yesterday that in June image spam dropped to 14.5% of all spam, compared to a peak of 52% of spam in January.
At the same time, PDF spam has emerged as a possible replacement, although Symantec saw just 30 million PDF spams in June, still not a significant percentage given the billions of emails handled by the company every month.
Symantec suggests that PDFs are being used to get around spam filters that are getting wise to image spam. It saw two variants of the PDF spam run in June, both of which pitched penny stocks as investment opportunities – the so-called pump-and-dump scam.
The first is a relatively sophisticated and generally clean PDF newsletter, purportedly from a stock tipster. The second uses obfuscated text in images to throw off text-based spam filters.
Image spam, unfiltered, can be more problematic to email infrastructures due to its size. Even a small image can be orders of magnitude heavier than a plaintext email, proving a greater drain on bandwidth, memory and storage.