Report claims surge in remote phish images; some say business as usual

Report claims surge in remote phish images; some say business as usual

Vade Secure analyzed 26.2 million remote images in November 2020 while blocking 262 million emails containing malicious, remotely hosted images. (Sean Gallup/Getty Images)

A new report suggests that 2020 saw an increase in phishing emails that relied on remotely-hosted images to help malicious emails slip past filtering technology. But other experts downplayed the alarm, suggesting that the technique is well-known, and squashed through multilayered defenses should be able to catch. 


The blog post report from email security company Vade Secure, said that in November 2020 the team analyzed 26.2 million remote images while blocking 262 million emails containing malicious, remotely hosted images. The company said it was inspired to measure the volume of such attacks after observing what appears to be an uptick in this technique over the past year.


Blog post author Sébastien Goutal, chief scientist at Vade Secure, didn’t have past numbers with which to make a statistical comparison, but told SC Media that he’s seen a “big increase” in use of this tactic over 2019. He also said that now the “typologies of threats are broader,” citing examples of phishing schemes imitating known brands such as SunTrust, PayPal, Amazon and Bank of America.


Standard phishing emails featuring largely text-based content are often unable to sneak past email security solutions’ textual content analysis. But attackers can avoid such analysis and defeat certain older, legacy email defenses by delivering the same content in an image instead of text. But as email filters have upgraded their ability to analyze images for malicious signatures, adversaries have stepped up their game by hos ..