By Lincoln Spector, PCWorld | Mar 27, 2014 7:29 am PDT
Jerseygirlinfl asked the Answer Line forum if photos floating around the Internet could contain malware.
Cybercriminals use images in a number of ways to infect your computer. In most cases, the photo itself is harmless; it’s just a trick to get you to do something stupid. But sometimes, a .jpg file itself will contain malicious code.
Let’s look at a few ways in which an image can contain some real bad news.
As you may have noticed, a lot of spam exists for the specific purpose of tricking you into visiting a particular website, often one that intends to download malware. Images can play a big part in that. You probably already know not to click a link in a suspicious email, but photos can be embedded in emails as they are in webpages, and do their dirty work when you open the mail.
Fortunately, most modern mail clients don’t display such pictures by default. Best to keep it that way.
Another trick is the double extension, which takes advantage of Windows’ file-naming conventions. If a file is named adorable.jpg.exe, most Windows computers will display it as adorable.jpg. Most users, therefore, will think it a harmless image file, even though it’s really an executable program. And when you run the program, it probably will show you an adorable picture…while it infects your PC.
And finally, there’s steganography, which in a digital context means the art of hiding data in another type of file. A .jpg can easily contain additional bits interwoven within the image, without noticeably affecting the image’s appearance. That additional data can include code, which is encrypted to make it harder to identify.
Luckily, such an altered image can’t do much by itself. No image viewer will see or know what to do with that code, even if it isn’t encrypted. But malware developers often break up their code into multiple pieces and distribute them separately to avoid detection. The information hidden in a picture could contain instructions useful to another piece of malware on your computer. See “Zeus banking malware hides crucial file inside a photo” for one recent example.
How do you protect yourself? Giving up on images seems a bit extreme. There are better methods.
Keep your operating system, browser, and antivirus software up-to-date. Of course, you should be doing that already.
Be wary of photos whose origins you don’t know.
And finally, have Windows show you file extensions so you won’t be fooled. In the Start menu’s Search field, or in Windows 8’s Search charm, type folder options. Select Folder Options. On the View tab, uncheck Hide extensions for known file types.
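If you'd rather have a script check a downloads folder for the double-extension trick described above, here is one way to do it. This is an added example, not part of the original column; the extension lists are illustrative assumptions, the sample files are constructed, and it goes one step beyond the filename by also flagging a file whose content starts with the Windows executable signature while its name claims something else.

```python
import os
import tempfile

# Assumption: illustrative extension lists, not exhaustive.
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp", ".pdf", ".doc", ".docx"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif"}
PE_MAGIC = b"MZ"  # first two bytes of a Windows executable

def check_file(path):
    """Return the reasons (possibly none) a file looks like a disguised program."""
    reasons = []
    stem, last = os.path.splitext(os.path.basename(path).lower())
    inner = os.path.splitext(stem)[1]  # extension left once the last one is hidden
    if last in EXEC_EXTS and inner in DECOY_EXTS:
        reasons.append(f"double extension: shown as '{stem}' when extensions are hidden")
    with open(path, "rb") as fh:
        head = fh.read(2)
    if head == PE_MAGIC and last not in EXEC_EXTS:
        reasons.append("content is a Windows executable but the name says otherwise")
    return reasons

def scan(folder):
    """Walk a folder and return {relative path: reasons} for suspicious files."""
    findings = {}
    for root, _dirs, files in os.walk(folder):
        for fname in files:
            full = os.path.join(root, fname)
            reasons = check_file(full)
            if reasons:
                findings[os.path.relpath(full, folder)] = reasons
    return findings

def demo():
    """Write constructed sample files to a temporary folder and scan it."""
    samples = {
        "adorable.jpg.exe": b"MZ\x90\x00constructed",   # the column's example name
        "holiday.jpg": b"\xff\xd8\xff\xe0constructed",  # starts like a real JPEG
        "kitten.jpg": b"MZ\x90\x00constructed",         # program renamed to .jpg
        "setup.exe": b"MZ\x90\x00constructed",          # program that says so
    }
    with tempfile.TemporaryDirectory() as tmp:
        for fname, data in samples.items():
            with open(os.path.join(tmp, fname), "wb") as fh:
                fh.write(data)
        return scan(tmp)

if __name__ == "__main__":
    for path, reasons in sorted(demo().items()):
        print(path, "->", "; ".join(reasons))
```

To check a real folder, call `scan()` with its path instead of running `demo()`.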