I’m getting dozens a day like this.
The headers seem normal except the return addresses are from names that are random letters @ a site that doesn’t verify email names.
AFAIK, it’s so that people will respond to it, and they will verify that email address. This can be used to sell “verified” lists to other spammers. I’m sure you’ll get a better explanation when somebody else comes along.
In addition to harvesting valid addresses they are also testing spam filters, and potentially trying to poison the Bayesian algorithms that are used as spam defence. A real expert will no doubt be along shortly.
FWIW, Gmail’s defences are still mostly resistant, but I did get one of those in my inbox today.
This isn’t very likely if the email is, as the OP states, purely random words without even a hint of a sales pitch. As far as I know from talking to people who deal with this subject, spam that does consist solely of gibberish is usually an error. The software and setup needed to generate huge amounts of spam are – like all software – prone to glitches and to operator error. Sometimes people make mistakes and spam goes out that wasn’t meant to go out. The random words are usually used to disguise the sales pitch from spam filters. Sometimes, the Idiot Newbie spammer sends out 100,000 spams before the sales pitch bit has been added.
Sometimes the random words will be accompanied by a jpg or gif image with the actual spam message in it.
If the filter lets the spam through based on ‘good’ words, you may or may not see the image based on other factors.
Also, those messages can sometimes contain a unique link to a tiny (1 x 1 pixel) image on a website. When you open the message, the image is downloaded and the record of that hit confirms your address is active.
But often it appears they’ve just been sent in error.
Don’t all the modern email programs default to not loading remote images in email nowadays?
You can still override that default by manually clicking on the link or attachment.
In the Times yesterday it was claimed that these are messages sent out by zombie machines which for some reason never got the real payload of spam.
It also said that most spam now is advertising penny stocks. The spammer buys the stock before sending out the spam, and there are enough idiots out there who buy the stock based on an illiterate email message that the price goes up, and the spammer then sells. The benefit of this is that no website is necessary, and there is no way of tracing the spam to the spammer.
If you want to prevent confirmation of the validity of your email address by the spammers’ use of an image, most web-based services and email clients have the option of only loading images when you click on a button to do so. That means that it won’t happen automatically and you can open a message to see what’s in it before loading anything.
My understanding is that by filling spam email with words that are typically found in normal emails, the Bayesian filters mentioned above have a harder time discerning what is valid and what isn’t.
Again, this is just my understanding, but I believe Bayesian filters work by analyzing words against their likelihood to appear in a regular email. Viagra, for instance, rarely appears in normal emails, while “granddaughter” rarely appears in spam. By inserting “valid” words in email that would otherwise be identified as spam, these statistics are thrown off, spam words are given more weight as possibly being valid, and the filters start to fail.
Hopefully I’m right in this, and if not, someone will come along and set my misunderstandings straight.
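The dilution effect discussed in the posts above can be seen in a toy filter. This is an added illustration, not part of any poster's message: the corpus, the filler words, the 0.4 score for unseen words and the top-5 rule are all assumptions of the example. It compares a filter that lets every word vote with one that scores only the most decisive words, which is why random filler alone does little against the second kind.

```python
import math
from collections import Counter

# Constructed toy corpus (not real mail).
HAM = ["my granddaughter visits on sunday for lunch",
       "meeting notes attached see you at lunch",
       "granddaughter sent photos from the school play"]
SPAM = ["cheap viagra buy now",
        "buy penny stock now huge gains",
        "viagra pills cheap buy today"]
UNSEEN = 0.4  # assumed spam probability for a word never seen in training

def train(ham, spam):
    """Per-word spam probability from document frequencies, add-one smoothed."""
    h = Counter(w for m in ham for w in set(m.split()))
    s = Counter(w for m in spam for w in set(m.split()))
    model = {}
    for w in set(h) | set(s):
        ps = (s[w] + 1) / (len(spam) + 2)
        ph = (h[w] + 1) / (len(ham) + 2)
        model[w] = ps / (ps + ph)
    return model

def combine(probs):
    """Naive Bayes combination, done in log space."""
    log_odds = sum(math.log(p) - math.log(1 - p) for p in probs)
    return 1 / (1 + math.exp(-log_odds))

def score_all(model, text):
    """Every distinct word gets a vote, so neutral filler dilutes the result."""
    return combine([model.get(w, UNSEEN) for w in set(text.split())])

def score_top_n(model, text, n=5):
    """Only the n words farthest from 0.5 vote; near-neutral filler is ignored."""
    probs = sorted((model.get(w, UNSEEN) for w in set(text.split())),
                   key=lambda p: abs(p - 0.5), reverse=True)
    return combine(probs[:n])

MODEL = train(HAM, SPAM)
PITCH = "buy cheap viagra now"
# Constructed filler: twelve words that appear nowhere in the training corpus.
FILLER = ("harbor violet kettle orbit maple thistle "
          "canyon pebble lantern marble sparrow willow")

if __name__ == "__main__":
    for label, text in (("pitch only", PITCH), ("pitch + filler", PITCH + " " + FILLER)):
        print(f"{label:15s} all={score_all(MODEL, text):.3f} "
              f"top5={score_top_n(MODEL, text):.3f}")
```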
I think this must be it for the case I gave in the OP.
Maybe the newbie is just running a few tests to play with his new spam software, and I’ve got the real campaign to get later.
This is so true. I get so many of these and my spam filters and my manual Outlook filters can’t find a pattern that isn’t in real mail.
Are people stupid enough to buy advertised stocks from blind touts? Do they really think that the smart money is broadcasting it as spam?
I guess nobody has to actually fall for a scheme for spammers to keep trying it. Spammers are a lot more tech savvy than people savvy.
Wrong. Spammers are very people-savvy. The penny stock scam works & makes boatloads of money. The critical thing is that when 1 million spams cost 2 cents to send, they don’t need too many takers to have the economics work to their favor.