Subliminal Messaging: In a SPAM near you!

Security firm Sophos has identified a “pump-and-dump” stock spam campaign which uses an animated graphic to display a “subliminal” message to potential investors.

Animated GIF graphics are composed of a number of frames, which are shown in succession. This is often used for animation on websites, but has recently been adopted by spammers in their attempt to try and avoid detection by anti-spam products.

In a spam campaign seen by Sophos researchers an embedded image attempts to artificially inflate the price of shares in a company called Trimax. However, unlike the many other similar scam emails the graphic briefly flashes up a message saying “BUY!!!” approximately every fifteen seconds.

The “BUY!!!” message is comparable to the subliminal messages that have occasionally been used in advertising and political broadcasts to try and subconciously influence people.

“Animated graphics are being used in image spam campaigns to try and weave past filters which may be attempting optical character recognition to decipher the messages that spammers send,” said Graham Cluley, senior technology consultant at Sophos. “This message tries to be subliminal, but it is questionable whether it would successfully subconsciously influence armchair investors into buying more stock. Advanced anti-spam solutions, like those produced by Sophos, are capable of protecting against spam which uses these tricks.”

More from News & Analysis

What is the US HIRE Bill and why is India’s $250-billion IT sector worried? Is the internet dead? What's this theory that OpenAI's Sam Altman says might be true?

Pump-and-dump stock campaigns work by spammers purchasing stock at a cheap price and then artificially inflating its price by encouraging others to purchase more (often by spamming “good news” about the company to others). The spammers then sell off their stock at a profit. Sophos experts report that pump-and-dump stock campaigns account for approximately 15 percent of all spam, up from 0.8 percent in January 2005.