So I’ve been getting an unusually high number of spam messages sneaking below my spam filters and landing in my in boxes. The subject lines are typically spammish:
ahunter3, Got House? Let our lenders save you thousands
ahunter, don’t wait to refiance! 2700 lenders are at your service
Hey ahunter3, _cheapest Life-_Insurance Ever!
Attn: McAfee can SAVE THE DAY!
ahunter -This program WILL improve your computer. Guaranteed
The contents, meanwhile, are nonsense strings with no spaces, lines of equal length. Like BinHex or UUEncode or something. Not particularly long. Here’s a sample:
There’s no other body text to them. There are no attachments. Oh, and the encoded textblobs are not identical, although I’ve seen some of the same ones in various messages. (I set up spam filters on the first few based on the initial characters in the string, but there are too many variants).
A poorly spelled description of a terrorist’s favorite porn site ?
Seriously though, it might be a picture of some sort. There are lots of small clusters of similar looking subsequences. There are too few odd characters for it to look like the output of a compression algorithm.
This is likely an image or script which was embedded in the body of the email, and you’re using a client which doesn’t process embedded content. I’ve also seen this happen when attachments are sent by a mail client that doesn’t properly handle certain file types and doesn’t identify them as attachments correctly. In either case, I believe you’re seeing the MIME-encoded binary content of an external file.
If you look at the raw content of the email including headers, there is probably some identification of the MIME type this content is supposed to represent, which would at least tell you what kind of file it was supposed to be.
