The report said images fooled some filters because they had no easy way of knowing whether a graphical file contained an innocent photograph of a friend's birthday party or embedded text pitching Viagra or a company's stock.
The development marked yet another escalation in the battle between spammers and filter developers: As software gets smarter at detecting junk, spammers get smarter at fooling the filters.
Until last year, the use of image spam had been in decline as anti-spam filters figured out how to detect it, often by applying a mathematical formula to known spam images and generating a unique signature that software could use to flag junk, Craig Sprosts, senior product manager for anti-spam vendor IronPort Systems, was quoted as saying.
But earlier this year, tools began circulating among spammers to automatically vary images ever so slightly, a change in color here, a slightly larger border there. That changes the signature, helping it escape detection.
"If you are trying to fingerprint that image, it appears different every time," said Dmitri Alperovitch, principal research scientist at anti-spam vendor CipherTrust.
Since April, IronPort had seen a 40% increase in image spam sent to so-called "honeypot" accounts set up solely to attract junk messages for analysis. IronPort and CipherTrust both said image spam now accounted for 15% of all spam, up from 1% earlier in the year.