written by
Zack Calloway

Threat Alert: Why Outlook Blocks Images in Emails

This is the latest trend in phishing attacks

If you use Microsoft Outlook as your email service at work, you’ve probably noticed a quirk it has. By default, if an email contains images hosted on an outside server (as most marketing and newsletter emails do), Outlook doesn’t download them when you open the message; images embedded in or attached to the message itself still show. It tends to make fancy emails look broken, and it’s easy to override (usually you can load the images with a click or two, or by adding the sender to your Safe Senders list).

Have you ever wondered what this image blocking business was all about?

Turns out Microsoft has a good reason to do this. And the attack they’re trying to protect against is on the rise again.

Here’s what you need to know about how seemingly innocent images can be used to attack your company and steal your data.

Why Outlook Blocks Images

So why does Outlook block those images? Well, it’s not just trying to ruin the look of every single marketing email you receive. It’s trying to keep you safe.

There are two main ways that remotely hosted images can do damage: tracking pixels and bad links.

Tracking pixels

Images in email can do a few things you might not expect. First, they can be used to track you. This is usually not sinister; marketers will embed a tiny tracking pixel (essentially a tiny invisible image) in their emails. The image isn’t in the message; it is fetched from the sender’s server, usually through a URL that is unique to you. When your device requests that image file, the marketer or business learns that yes, you actually opened the email, along with when you opened it and the IP address and mail client the request came from.

Of course, if marketers can do this innocently, bad actors can definitely find a way to use it less innocently.

They could use it to confirm which addresses are live and which malicious, phishing, or spam emails actually got opened (and by whom). This data could help them target better attacks over time.

Malicious links

The other reason Outlook blocks images is a little more overtly sinister: sometimes images are actually links. The picture itself doesn’t carry a destination; it is wrapped in a link, and clicking it sends you wherever that link points, which can have nothing to do with what the image shows. Again, linked images can be used in positive ways: click that “get 75% off now” image from a software vendor, and most of the time you’ll end up on a landing page where you can save some money.

But a bad actor could send you an impostor email that looks like it comes from a software vendor like Microsoft or Adobe. Only when you click the image advertising a sale, you land on a fake website. If you go any farther (entering your password, for example), you’ll get phished.

This is sneaky because most people are getting better at understanding they shouldn’t click on weird-looking links or open file attachments they weren’t expecting. But clicking an image? That doesn’t seem so dangerous — even though the threat is basically the same.
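The two mechanisms above (a remotely fetched pixel that reports the open, and a picture wrapped in a link that goes somewhere other than the brand it shows) can both be picked out of an email’s HTML. The script below is an added example written for this article, not code from the original post or from Microsoft. It parses an HTML body, flags images fetched from a web server (the ones Outlook blocks by default), flags tiny or hidden remote images as probable tracking pixels, and flags linked images whose destination is not under the domain the sender claims. The sample message and the domains tracker.example and adobe-renewal.example in it are constructed for illustration.

```python
"""Audit an HTML e-mail body for remote images, tracking pixels and
linked images pointing off the claimed sender's domain.

Added example for this article; not code from the original post.
The sample body and domains below are constructed for illustration.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse


def _host(url):
    return (urlparse(url).hostname or "").lower()


def _same_org(host, sender_domain):
    """True if host is the claimed sender domain or a subdomain of it."""
    return host == sender_domain or host.endswith("." + sender_domain)


class ImageAuditor(HTMLParser):
    """Collects every <img> together with the <a href> wrapping it, if any."""

    def __init__(self):
        super().__init__()
        self.link_stack = []   # hrefs of <a> elements currently open
        self.images = []       # one dict per <img>

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self.link_stack.append(a.get("href") or "")
        elif tag == "img":
            self.images.append({
                "src": a.get("src") or "",
                "width": a.get("width"),
                "height": a.get("height"),
                "style": (a.get("style") or "").replace(" ", "").lower(),
                "href": self.link_stack[-1] if self.link_stack else None,
            })

    def handle_endtag(self, tag):
        if tag == "a" and self.link_stack:
            self.link_stack.pop()


def _is_tiny(img):
    """1x1 (or 0x0) images, or images hidden by CSS, are not meant to be seen."""
    for d in (img["width"], img["height"]):
        if d and d.isdigit() and int(d) <= 1:
            return True
    style = img["style"]
    return "display:none" in style or "width:1px" in style or "height:1px" in style


def audit(html_body, sender_domain):
    """Return a list of (finding_kind, url) tuples for the message body."""
    p = ImageAuditor()
    p.feed(html_body)
    p.close()
    findings = []
    for img in p.images:
        # Only http/https images are fetched from a server at open time;
        # cid: (attached) and data: (inline) images never leave the mailbox.
        if urlparse(img["src"]).scheme.lower() in ("http", "https"):
            kind = "tracking_pixel" if _is_tiny(img) else "remote_image"
            findings.append((kind, img["src"]))
        href = img["href"]
        if href and urlparse(href).scheme.lower() in ("http", "https"):
            if not _same_org(_host(href), sender_domain):
                findings.append(("offsite_link", href))
    return findings


# Constructed sample: an impostor "Adobe" sale e-mail. The From: header
# would claim adobe.com; the sale banner links to an unrelated domain and a
# hidden 1x1 image reports the open to a tracker.
SAMPLE_SENDER_DOMAIN = "adobe.com"
SAMPLE_BODY = """
<html><body>
<img src="cid:logo.png" width="200" height="60" alt="Adobe">
<p>Your Creative Cloud subscription is 75% off today only.</p>
<a href="https://adobe-renewal.example/offer?u=4f21">
  <img src="https://adobe-renewal.example/img/sale.png" width="600" height="200" alt="Claim 75% off">
</a>
<img src="https://tracker.example/open.gif?id=4f21" width="1" height="1" style="display:none">
</body></html>
"""

if __name__ == "__main__":
    for kind, url in audit(SAMPLE_BODY, SAMPLE_SENDER_DOMAIN):
        print(f"{kind:15s} {url}")
```

Running it on the sample reports the sale banner as a remote image, its link as off-site (adobe-renewal.example is not under adobe.com), and the hidden 1x1 GIF as a tracking pixel; the attached logo produces no finding because it is never fetched from the network. The sender domain is whatever the From: header claims, so a mismatch here means the link does not even go where the email itself says it comes from.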

How to Spot a Malicious Email

We’d love to say “just don’t ever open any images”: that advice would keep you safe, but it just isn’t realistic. So instead, here’s how to spot an email that might not be what it claims to be. If any of these are true, don’t click that image!

  • Emails that are out of place (important people, celebrities, executives, pastors emailing you about things that they wouldn’t normally)
  • Offers that seem too good to be true (if you’re not sure, manually visit the brand and look for a similar deal, or call customer service)
  • Strange wording, spelling and grammar mistakes (less so in the era of ChatGPT, but scammers aren’t usually known for excellent prose)
  • Mismatched branding (e.g., out-of-date logos, “bad design”)
  • A link that doesn’t go where the image says (hover over the image before clicking and check that the destination shown matches the brand’s real domain)

The Best Strategy for Email Images

So what’s the best strategy for dealing with email images? Well, Microsoft is doing a pretty good job here. Leaving the default in place, so that remotely hosted images don’t load unless you ask for them or the sender is one you’ve marked as safe, is a good start. Teaching your people not to click on images in unexpected messages, and to check where a linked image leads before they do, is also an excellent idea.

If you have questions about this or other email- or cybersecurity-related topics, don’t hesitate to reach out!
