The number of websites blocked for hosting malicious content rose to 2,797 websites per day in March, according to a MessageLabs report, a 197.2% increase over the previous month and the highest level since October 2008.
Photo: An email with images found by MessageLabs containing scripts
The report attributed the increase to a sharp increase in the number of images containing injected scripts such as Javascript or VBScript hosted in free image-hosting websites, and may potentially extend to some popular social networking sites and multi-media file sharing sites that allow users to allow upload and share pictures.
Older browsers are most likely vulnerable to this technique, the report continued. The technique can exploit a flaw in older browsers where HTML, Javascript or VBScript is appended to the end of the binary code of an image such that when rendered, the HTML and script is also executed.
MessageLabs also reported that when the image was opened in a certain environment, the embedded script could trigger a pop-up ads from a number of different online advertisement service providers. Combined with tracking technology, the pop-up ads can be customized to the user’s location and language.
In March, 20.3% of email-borne malware contained links to malicious sites, a 16.5% increase since February. Spoofed postcard mails were responsible for 14.0% of malicious links in emails during March.
Email connections totalled 4.8 billion per day in March. Spam made up 75.7 percent of all emails, an increase of 2.4% since February. One in 181 emails contained viruses (an increase of 0.03% since February) and one in 284 emails comprised a phishing attack (a decrease of 0.17% since February)
MessageLabs is a messaging and web security company which was recently acquired by Symantec.
[...] understand what email spams like shortened hyperlinks, keywords, photos, poetry (?) and images are trying to [...]