Lately, most of the spam I get has gibberish in the subject line, and often within the message as well. Is this an attempt to get through spam filters? Does it work? My accounts generally are not filtered.
For example, this was the subject of one that I got today:
podbizite regnavissentque Revtim insured regnavissentque
Note that “Revtim” is in there too, which is the name part of the particular email address this came into.
I’ve seen these codes showing up for quite some time. I assumed (I have no evidence) that it was exacly that… a machine generated code to keep the subject line from being identical to another message, and possibly to indicate who registered the click-through if you ever happened to respond or follow the link.
That makes sense, I suppose a lot of filters at the server level are looking for identical subject lines in email to several accounts.
The arms race continues.
Yes it is an attempt to get past spam filters. And it works in some cases.
There are several ways to filter your email; a couple of the most popular are pattern matching and bayesian filtering. The gibberish in there is to beat the pattern matches.
Pattern matching works like this:
You get a spam message, you mark it as spam, and from then on any other message matching this pattern is rejected. This doesn’t sound like much but if you start sharing your rejected patterns with others, and using their patterns, it can get pretty powerful quickly.
The spammers solution: add gibberish to change the pattern. Thus you never match patterns with anyone else.
Bayesian filtering is the response to this, and is based on a statistical analysis of the words in the spam. The idea is that the spammers can change the subject line, or change the pattern of words anytime, but they do have to deliver their message, so the message is what we need to watch for. So bayesian filtering assumes that certain words appear more or less often in a spam vs. a regular message. You build up a profile of spam, do a numerical analysis of each incoming email, and filter if it matches certain criteria (lots of exclamation points, the word penis more than once, lots of caps, etc.)
Now that I have rambled on and not really answered anything, and ** Waverly** beat me to the answer, I will throw in that the reason your account name shows up in the subject is twofold: it gets your attention, increasing the chance you’ll open it, and it helps them track you. If you reply to it, or it get bounced as a non-valid email, their systems can automatically respond to that, either by sending more crap if you respond (they know it is a vaild email) or dropping the name if it bounces.
Thanks for the explanation of bayensian filtering Etherman, I’d heard about it but never read an explanation. You probably already know this, but the latest beta of Mozilla uses bayensian filtering in its email client.