Image Phishing Attacks:
Protect your personal email

How many red flags can you spot in this email?

A lot of people receive emails like the one Emily received. You may come across email scams pretending to be from Amazon, Kohl’s, or Dick’s Sporting Goods. If you’re unsure whether an email is a scam, you can hover over the email address to check its legitimacy. If the address consists of a bunch of numbers, doesn’t use the company’s official domain, or has a suspicious domain, it’s probably a scam. 

How are these emails bypassing spam filters?

The email above initially appears to have text, graphics, and buttons, but upon closer inspection, we discovered that the entire email is actually an image. While images can make emails more visually appealing and engage recipients on a deeper level, certain images in emails can hide potential dangers, especially in the form of phishing attacks and privacy risks.

Cybercriminals alter the image so that its hash changes, which makes it unrecognizable to filters that block known phishing images by their hash. As a result, users keep getting those annoying phishing emails, even after their IT department tries to block them. It’s a never-ending battle where cybercriminals stay a step ahead, keeping users on their guard.
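
The effect described above, shown as an added example that is not from the original article or from Sangu Mail: an exact SHA-256 match fails after a one-pixel change, while a perceptual "average hash" (a technique chosen here for illustration) still matches. The pixel grids and all function names are constructed for this sketch.

```python
import hashlib

def make_image(width=64, height=64):
    """Constructed sample: grayscale gradient with a bright 'button' block."""
    img = [[(x * 255) // (width - 1) for x in range(width)] for _ in range(height)]
    for y in range(40, 52):
        for x in range(16, 48):
            img[y][x] = 255
    return img

def exact_hash(img):
    """SHA-256 over the raw pixel bytes, as an exact-match blocklist would use."""
    return hashlib.sha256(bytes(p for row in img for p in row)).hexdigest()

def average_hash(img, size=8):
    """64-bit perceptual hash: reduce the image to size x size block means,
    then set one bit per block that is brighter than the overall mean."""
    bh, bw = len(img) // size, len(img[0]) // size
    blocks = []
    for by in range(size):
        for bx in range(size):
            total = sum(img[y][x]
                        for y in range(by * bh, (by + 1) * bh)
                        for x in range(bx * bw, (bx + 1) * bw))
            blocks.append(total / (bh * bw))
    mean = sum(blocks) / len(blocks)
    bits = 0
    for b in blocks:
        bits = (bits << 1) | (b > mean)
    return bits

def hamming(a, b):
    """Number of differing bits between two perceptual hashes."""
    return bin(a ^ b).count("1")

def compare(known_bad, candidate):
    """Report how a candidate image fares against a blocklisted image."""
    return {
        "exact_match": exact_hash(known_bad) == exact_hash(candidate),
        "perceptual_distance": hamming(average_hash(known_bad),
                                       average_hash(candidate)),
    }

known_bad = make_image()                          # image already on a blocklist
variant = [row[:] for row in known_bad]
variant[0][0] ^= 1                                # one pixel, one brightness step
other = [[255 - p for p in row] for row in known_bad]  # a different picture

print(compare(known_bad, variant))
print(compare(known_bad, other))
```

A filter built on the perceptual distance would treat a small distance as "same image" and a large one as "different image"; the threshold is a tuning choice.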

Image Blocking As An Option

Gmail, Outlook, Apple Mail, Yahoo Mail, and other email clients offer the option to block images. Some email clients turn on image blocking by default, too. Email clients implement this feature primarily for security reasons, while individuals may opt for image blocking to conserve bandwidth. However, this does not mean that images cannot be viewed altogether. Users can manually download blocked images with a simple click, ensuring they only view trusted and safe content.

Image blocking serves multiple purposes, including protecting against potential scams and mitigating privacy compromises. When remote content is downloaded, the user’s email address, IP address, and email client information can be revealed to the host of that content. The IP address can potentially disclose the user’s geographical location and employer or ISP details, and together this information can facilitate future exploitation or targeted phishing attempts.


Protect Yourself from Image-Based Email Scams

Images in emails have the potential to be more than just visual elements of communication. They can serve as gateways for phishing attacks and compromise user privacy. Understanding the workings of image-based phishing threats, the techniques used to bypass filters, and the significance of email image blocking is crucial for maintaining online security. 

By remaining vigilant, users can protect themselves from the hidden dangers lurking behind innocent-looking images in their inboxes. Here are some tips you can follow to protect yourself from scams like these:

  • Keep your computer’s antivirus software and operating system updated.
  • Be cautious when sharing personal information online. Provide sensitive data only on secure websites (look for the padlock symbol and “https” in the URL).
  • Enable two-factor authentication on your accounts for added security.
  • If you receive suspicious emails impersonating a company, report them to the company being impersonated.

Sangu Mail’s scanners delve deep into the heart of each email. We don’t just block phishing, malware, and ransomware attacks from reaching the inbox. Our advanced AI and image recognition tools help detect these image-based email scams and other potential threats that might escape typical spam filters.

Learn more about how we protect your personal email.
