Now this problem can be easily mitigated by good image readers/scanners which only understand the image format and display it if it adheres to that standard and it doesn’t execute anything.
So VIRUS is not the problem. If you carefully read the warning, it says to “protect privacy”…
That’s interesting! What can a image from a 3rd party site do with privacy? Answer is simple and it’s not addressable by email clients.
Consider the image(s) to be downloaded is at customized link for your email id. Once this image is downloaded from the site, it just means that your email id is valid. Quick and Safe way for spammers to make sure your email id is valid and can be targeted for more spams! Since email client like outlook can’t easily determine if the image is used for email id verification or not, it simply blocks images asking you to validate to download images. This happens everytime the sender id isn’t from your trusted domain or safe list.
This concept is not only used by spammers but interesting apps have been designed using this. Checkout: http://www.spypig.com/
All this does is find out if your email has been read without asking for read receipt from clients!