I’ve been getting these e-mails at work where the subject line looks like spam for discount drugs (it will say things like such as / iagr/, that sort of thing. ) In the preview pane, though, I can see a series of 8 or 10 lines from a book, apparently a nautical adventure book. They aren’t complete lines, but fragments, as if it were a small square that had been cut out from the page. There doesn’t seem to be anything else in there. I haven’t actually opened one to find out, of course.
Is anyone else getting these? What the hell are they?
Mixes in Spam characteristics (e.g “Viagra”) with normal letter characteristics, i.e. 10-th grade level english. Designed to poison adaptive spam filters to become worthless and generate so many false positives to be turned off.
I would be perfectly happy if these messages were filtered. I know using / to make the V in Viagra pervents filters from stopping the message (they look for the word). Plenty of spam makes it through this e-mail system, and plenty seems to get stopped (it’s gone from about 100 a week to 25 since the last one was put in), so it seems like an awful lot of trouble to go through to get spam into a mailbox.
It’s not hard to cut and paste some text. And some spam filters consider the percentage of “red flag” words and phrases. Putting a paragraph of gibberish or of actual text from a benign source lowers the percentage and sneaks by.
It’s just that they aren’t actually selling anything. There is no discount drug pitch in the body of the email, so where’s the sender’s interest in getting it by the filter?
…and this is the $64K question. I would guess that roughly a third of my spam looks commercial, but contains no mechanism whatsoever for actually purchasing the product. No link, no phone number, nothing.
I have two theories about this, and would be interested in hearing others’.
The spam is being sent on behalf of someone else, the sender is incompetent (even by the standards of spammers) or doesn’t care – they get paid per message sent or received, not by purchases. I would think that a ZERO percent sales rate would put them out of business pretty quick, though.
Selling isn’t the purpose of these messages at all; they’re looking for bounce rates, virus propagation vectors, pure vandalism, or something like that. But that hardly explains the volume, and many of these messages aren’t even HTML – there’s no way to link back information about receipt at all (or count bounces, since they always have a fake return address). And without attachments, they’re not spreading viruses.
Earl Yep, for a while I was getting spam with random passages from “20,000 Leagues Under the Sea.”
20,000 Leagues? Wow that’s deep !!!
Seriously, the spam I receive jumped up to about 100 per day a few months ago. Recently, it is more like 250 per day. And as others have mentioned a lot of that is in German or from E-Mail addresses with .de in the domain name.
I can’t figure thaht out, either. As I said, our filter isn’t that good, so I don’t see why anyone would need to screw it up to get their spam through. That’s the only explanation I’ve heard that makes sense, though. As TimeWinder said, there are no attachments, and no return.
One explaination I’ve heard, is they are hoping the recipent will reply, then they know they have an active e-mail account.
If you opened it, those words disappear, and the spam sell appears.
If you high-light the whole message after opening, they reappear.
I have a Mac, and although it isn’t immune to viruses, there are virtually none that affect it. Spyware and adware don’t load either, so I’m able to look at them if I choose.
Well as I’ve said, they are hoping this thing gets past your spam filter, you will look at “Viagra”, mark it “Spam” and the spam filter will adapt with the idea “Ok, messages LIKE THIS are spam”. If you do it enough times, legit messages start getting marked as spam, bam you turn off your spam filter and deal with it by hand thereby getting bombarded with advertising. This doesn’t work on individual level, but it’s a sound marketing strategy on a global level.
This is just wrong. Filters (especially the adaptive ones) look for anything. They don’t care if it’s random symbols, HTML tags, or KOI-8 text (common in Russia, among other places). If it appears in a message you’ve marked as spam, it will become part of the filter and get accounted for next time.
Anyway, the spam you got tried to make it past Bayesian filters by including ‘good’ text to help it counter all the ‘bad’ text it also has. Bayesian filters will even adapt to this, given enough training.
This is close, but the spammer doesn’t have to set their hopes that high.
A lot of these messages are sent out by people who aren’t selling anything to consumers, but make money by cultivating mail lists to sell to advertisers. They don’t need you to reply to a message to verify that they have a “hot” account – all they need you to do is either open the message or allow it to be displayed in a preview window.
If you are using a mail client that allows HTML and displays hotlinked images, this will report back to them. This works like this:
Your e-mail address is associated with a string of characters in the in the spammer’s database. A fake image tag is included near the top of the body of the message, which requests an image from a webserver maintained by the spammers that is dedicated to this task alone. The image tag includes the string associated with your e-mail address, and one associated with that particular mass-mailing, like this:
This doesn’t display as anything, since there’s no actual image to display and the tag specifies that it’s a one pixel by one pixel image. The purpose is just to register as a hit on the server.
The spammers can just take the raw logs from the server and run them through some database software, generating a detailed report on which mailings were received by which accounts. They use this information to create more marketable mailing lists. Invalid-but-non-bouncing or impenetrable addresses are culled from the list, and addresses that let a lot of spam in which ends up being displayed get moved up as high-value accounts.
This is why it’s important to use a mail client that lets you turn off previewing and lets you disable HTML rendering (or just linked images) except for trusted senders. If you don’t, you’re just going to get more and more spam until your account is unusable.