Spam's evasive maneuvers.

Question

Like many I get a lot of spam. But I have noticed in some they have a line of text that’s in a tiny font. I copied it into Word to see what it is and found it to be just a bunch of mixed words. What do they use that for?

- Curt

Answer

This question was answered on November 11, 2004. Much of the information contained herein may have changed since posting.

Spam has become a big business for spammers and for the companies that create tools to fight the unwanted messages.

Since there is money to be made on both sides, the battle over control of your Inbox is pretty fierce

Every time the spam filters catch on to a new exploit it forces the spammers to be more creative to bypass the filters.

The number of tricks used by spammers to assault millions of users every day grows daily A couple of the tricks that can make filtering spam messages very difficult are often used together.

Because most e-mail programs today support HTML (Hyper Text Markup Language - the language used to create web pages) they can display large fonts and images within e-mail messages.

This allows a well meaning sender to send very attractive messages but it also allows spammers to create spam messages that are not text based, but rather image based Since there is no way for an automated system to read the text embedded in an image, the text that accompanies the image will generally be used as the criteria to determine the content of the message.

Spammers know that if they send out millions of messages that are identical, even the most unsophisticated filters will quickly be able to determine that it’s spam and quickly begin filtering them all.

But, if every message actually looks different to the filters, the detection process becomes much more difficult One of the primary methods of detecting common spam messages is to compare an incoming message to a library of ‘known spam’ messages.

If the spammers generate a unique string of text for every message then to most spam filters, the message will look different This will require much more sophisticated algorithms on the part of the filtering system to determine the true status of the message.

So if both of these tactics are combined, the spam message is in the image at the top and the random text is at the bottom to ‘feed the filter’ a bogus string to fool it.

Spammers use what are known as ‘ratware randomizers’ to automatically generate these text strings The sophistication level of these tools is such that they can often track which strings are getting thru the filters and which ones aren’t so that they can improve their success rate.

As a Netizen that averages over 800 messages a day (most of them are spam), finding sophisticated spam filters is a must I have yet to find any single tool that can handle the kinds of loads that I have to deal with, but I have found the greatest successes to date with programs that use the ‘Bayesian’ filtering analysis.

My current favorite is Spambayes which is a free download available at spambayes.sourceforge.net

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on November 11, 2004