User Image Upload Sites Are Major Targets for Spammers and Hackers

Script injected images could be the culprit of malware or malicious content in spam messages.

Reports by security firms have said that the number of sites blocked for hosting malicious content rose by 197 percent just in the month of March 2009. This was reported by MessageLabs where the stunning results may be due to the increase in web-based and email-borne images with malicious scripts injected. The other surprise part of this study is that most of these sites that were blocked due to malicious content were free image hosting sites.

Do you use any free image hosting sites for storing or sharing images? Do any of them extend to social networks allowing interconnectivity from the image source to a social networking site that you may be a member of? Spammers and hackers are using these circumstances to use scripts and SQL injections to compromise the user generated sites through images uploaded to these free image hosting sites. They use custom created ads that could redirect users to a malicious site or phishing web page.

Spam has increased to alarming rates and providing yet another outlet for spammers to spread more malicious content via user-uploaded image sites. Did you know these images or script injected images could be included in spam messages causing an epidemic of spreading malware?

Just in Hong Kong alone, 88% of all email messages are consider to be spam messages. You could only imagine what the rate is in America, although a lot lower than Hong Kong, it is a scary thought. Very rarely do spam messages not include some type of image, malicious link or embedded script within an attachment. Usually one of these items lead you to some type of malware or phishing website.

It is best to keep updated antivirus or antispyware software running and up to date at all times. Many internet and computer users cannot help but to use free image sharing sites and email. Be cautious with any site that offers free image uploads as you would with a suspicious email message.