14 DAY TRIAL // Popular image hosting service ImageShack has decided to fight spam by replacing abusive images detected on its servers with ones that alert users about scams.
ImageShack is one of the largest free media hosting providers and is used by hundreds of thousands of websites. The service runs on some 450 Linux servers, organized in a cluster which is serving over 2.5 million images on a daily basis.
Like all popular services, ImageShack is constantly abused by cybercriminals to host images that are part of scams or spam campaigns.
One of the most common attacks of this type is image-based email spam, in particular related to pharmaceutical products.
Another service constantly abused to host pharma spam material is Google Docs, but unlike Google, ImageShack decided against simply deleting the offending content.
Instead, it replaced the abusive images with ones alerting users that emails they just read are part of a scam, therefore not only blocking the attacks, but also raising awareness.
The ImageShack alert images display several logos normally associated with danger and hazards and contain warnings like: "Delete this email immediately. This is a scam. Do not click anything here. Do not buy. Pharmacy scam. Illegal. Alert. Fake pills. Your money will be stolen."
They also contains two shortened links, bit.ly/pharmacyspam and bit.ly/pillscams, which point to pages on Spamtrackers.eu, a spam fighting outfit.
According to ImageShack, the image replacement is done manually, based on information received from anti-spam organizations and other individuals.
"We need a source to provide us with image links to replace. Thankfully, we found one using a honey pot," ImageShack co-founder Alexander Levin told independent security reporter Brian Krebs.
"With some rudimentary analysis we were able to find over 300 images uploaded to our services in this way, and were able to replace them with this image within an hour of them being reported," he added.