Wednesday, June 21, 2006

Smart Spam

My spam filter removes most of the unwanted stuff, but today I got a spam message that uses a new method, I haven't seen before - and which reminds me of the good old days when printing was done on line printers (yes, I worked in IT back then).

When I previewed the message, I got this picture -



I was curious - not for the uncensored videos - I live in a country that liberated porn in 1969, so nothing is censored here - but for the funny graphics. Using the mouse, I realized that it was actually text, no a picture. The text is used for drawing larger letters, just like the banner pages on a line printer. I remember creating such a program once in Cobol...

Anyway I selected a line of text before taking the screen shot as you can see from the blue line. To get into more detail, I copied all the 'uncensored' lines, pasted them into notepad and isolated the U - to make this more readable for you -

As you can see, the picture is drawn from different letters. I wonder how a antispam product will be able to detuct this kind of message, containing no 'nasty' word. I fact, the big letters could be made up of non-spamish sentences.
Spammers seem to be very creative.

3 comments:

Anonymous said...

This is strange but not very uncommon. I got a similar mail in August 2005. See http://www.msxfaq.de/spam/sample13.jpg

It contains a dirty word. as "text grphic". But if you read the single words, they are not randomized letters, like yours. They are words, which are primarily used by children !! like "elephant", Spielplatz (Playground), Kindergarten, Sandkasten. etc.

Frank

Per Østergaard said...

Thanks for the info Frank. This method could probably also be used to trick children into hitting the wrong pages with a search engine. Disgusting method!

And as I read german, I agree that the wording is more dirty :)

Anonymous said...

Antispam products could be extended to recognise this.

They would have to recognise it in three steps.

First, they would have to recognise that this is not normal language or text.

A positive there would make the software analyse the spacings of the characters and spaces to "see" the bigger letters.

It would then recognise each bigger letter, and then the words, and decide whether it should consider it to be spam (which should probably be the default decision for this type of message).

I couldn't write that software, but somebody could!