So, I rec’d some spam in my inbox that I mistakenly though was genuine. The “from” field had the name of a friend and the subject didn’t sound spammy so I opened it.
What is the point of sending e-mails with nonsense like this? The sender is obviously not selling anything. Have I been suckered because I opened it and now they know that my e-mail is valid (how would they know that).
I tried to google search on e-mail gibberish and nonsense but didn’t find anything helpful. I’d just like to know what purpose this e-mail would serve to the spammer.
It’s secret spy code, contact the police, FBI, CIA and MI6. Well don’t, they’re probably already on their way …
More seriously there are a few possibilities, it may have had a ‘web bug’ in it. This is normally an invisible graphic or some such included in HTML e-mails that calls back a central server confirming your address as valid. This doesn’t work with text only e-mails or if you read with HTML switched off or if your mail reader doesn’t automatically fetch pictures.
It’s possible it had, at one point, an attachement with a virus (or something) that’s been silently removed along the way. This is unlikely as you’re normally informed of the removal somehow.
It could just be junk, it could be someone forgot to put the spam links into the e-mail, it could just be some random program gone awry.
Finally, it’s possible that it’s part of a larger plan. It could be that they’re trying to change the knowledge on the learning spam filters. Either to bias them to let later spam throught or to get the to block competitors spam – or maybe even legit e-mails. If your spam filter starts blocking a large portion of legit mails then suddenly it’s useless.
Most likely tho’ is it’s some spammer with an automailer with a generate-nonsense-to-bypass-spam-filters feature that’s playing around and forgot to include the link. Or a bored script kiddie.
How an email with a blank subject line and a hyphen (or dash, if you prefer) in the sender field and the message is blank and there were no attachments?
The words are randomly-generated gibberish intended to get the message past email spam filters. Often there is really an overlaid image in the email, that contains the real advertisement. You see this a lot if you use an email client that blocks images by default, but alerts you that there are images and allows you the option of viewing them. Thunderbird is one that does this. Another thing that inlining images in emails does is that it lets internet advertisers know how often and what time of day you check your email–because their server doesn’t get the image request when the email is sent, but when the email is opened.
There’s two possibilities here: if the [from] field just had a simple first name like “Dave”, and you had a friend named Dave, then the spammer just got lucky. If the [from] filter had the full name like “Dave Stephenson” and that is the name of one of your close friends–and even more importantly–that is the name that appears in the “from” field when Dave really sends you emails–then what happened was Dave’s computer has been hit with a trojan/virus, and your email got harvested from his address book.
…
Either way though the sender of the spam would have known that the email address was valid, because if it was not a vaild address, YOUR domain mail server would have immediately bounced the message back to the sender inside another message stating that there was no known address of that name on your domain (your ISP provider).
~
Although that is possible, it cannot be determined just from the sender’s address, and probably not what happened.
Here’s how many viruses perform their devious deeds. On an infected machine, the virus looks just about everywhere for valid-looking email addresses, not just in the address book file, but cached web pages, deleted emails, DOC files, etc. It puts everything it finds in one big file. When it prepares to send out something, it randomly picks two email addrs from that file, puts #1 addr in the TO field and #2 in the FROM field, then sends the message.
So you can see that the message does not tell where it really came FROM, and therefore does not indicate whose machine is infected, either. The only thing it does tell is somewhere in the world is a person who has both addresses handy, and not necessarily at the same time.
The nonsense words are an attempt to avoid a spam trap.
The fact this spam has no ‘pay-load’ could be because of three reasons;
The spammer messed up. Very possible. The spam itself could have been sent by a zombie computer infected by a virus, and it’s bugged or damaged. Or the spammer could be an idiot who’s using ‘off-the-peg’ spam software (yes, it does exist) and doesn’t know how to work it properly.
Your email application doesn’t read the format the spam has been sent in, so it’s just not appearing. This is very probably if you have HTML or automatic image downloading switched off. This is one reason I don’t use HTML on my email reader. Spammers love HTML and linked images.
The spam pay-load was stripped off the email by an anti-spam filter. But, as has been said previously, usually you’ll be warned of this.
I don’t think it’s anything to do with some kind of spam ‘test run’. What’s the point of a test run when the real thing can do the same job, and deliver spam? Also; spammers don’t care if addresses are valid anymore. When you can fire out millions of emails in a couple of hours, who cares if 40% bounce? It’s not like they’re going to bounce back anywhere near you. Verifying them is more effort than its worth.