At least that’s the way it seems.
That they are spam is usually pretty obvious anyway, they often refer to things I don’t have (Apple products, McAfee, Amazon Prime, etc.) and of course the actual sending address is a giveaway. But why mis-spell words on purpose, which gives me the immediate clue?
Follow-up question: does the sender ever find out that I have flagged their account as spam?
I have seen the theory that since they want marks who believe the scam, putting obvious errors weeded out their non-target audience and focuses it on people more likely to believe it.
Non-native English speakers ?
Lights up Batsignal for @Mangetout.
He has quite a bit of experience doing email scambaiting.
I’d always thought it was an attempt to fool spam filters. E.g. if the filter’s AI learns that spam frequently contains the word “porn”, then spelling it “p0rn” might fool it, at least for a while. Although I doubt it works much anymore, spam filters have gotten more sophisticated and have almost certainly learned the rule that spam usually contains misspelled words.
Spam blockers block the obvious words like “million dollars” and “Viagra” if they’re spelled correctly. But there are practically infinitely many misspellings and it’s hard to come up with a spam blocker that detects them all.
It’s still the case that spam filters work by, among many other things, matching suspicious words.
So the misspelling of Veagra is simply the spammer hoping to slip under the spam filter’s radar.
Which makes me think of an interesting problem …
I bet the folks who legitimately are involved in the production and sales of e.g. Viagra have a hard time getting their legit emails through to their counterparts at other companies. They probably have a codeword instead: The product that shall not be named. Or something. 
I think evading the spam blocker is really the answer. I wish that I could set up a filter in, say, Hotmail that would toss any e-mails that use those unicode substitutes for letters in the subject right into the garbage – bold letters, weird underlines, etc.
I don’t really see a lot of misspellings in ‘spam’, but ‘scam’ emails do seem to deliberately include bad spelling and grammar. This I suspect is to make the recipient feel superior in some way and maybe sympathetic to the poor ignorant [native-of-another-country].
It’s evolution in action. They share and combine the words that get the most responses.
The one today that triggered this question mis-spelled the word “expired” by putting three i’s into it instead of one. I suppose “expired” must be one of those common spam words that might get flagged (although I often get emails from my e-pharmacy that use the word).
The rest of the email is almost all graphics, which is probably how they get questionable but properly- spelled words through spam filters.
Spam filters shouldn’t block an email simply for containing one common spam word. I’m actually taking an online machine learning class and the professor touched on how spam filters typically work. They usually compute a probably of an email being spam based on how many common spam words they contain, and may use clues from the header as well, like if it was routed through any weird servers or how many recipients it was sent to.
So an email from a walgreens.com email address sent to just you and your doctor about your expired Viagra prescription probably wont be blocked (although of course false positives happen sometimes).
Before there were spam blockers built into mail servers, you had to screen individual words yourself, and divert emails containing certain words to your trash folder. It would only filter your spelling.
There’s an interesting article from Microsoft Research here that explores this general topic, and concludes that the errors are deliberate, and are there to filter out the people who are likely to be paying proper attention (and thus will twig what’s going on halfway through, wasting time and effort for the scammer, with no payoff).
I don’t doubt the truth of that, and I think it’s possibly more commonly the case for phishing scams (where the objective is to get the mark to click and breach personal account data)
In other kinds of spam and scams (in particular, advance fee scams and similar, where I have spent quite a lot of time baiting the scammers with the express intent of wasting their time and frustrating them), there is also a general English literacy factor; English is often not the scammer’s first language, and furthermore, in some of the hotspots for this scamming activity, it’s really common for kids to drop out of school early to begin scamming - in Nigeria, for example, I’m reliably informed that becoming a 419 scammer is widely regarded as a desirable career option, encouraged by community role models such as local police officers.
In dealing with these scammers, I have found that, when I divert them off script, their English is often very broken (as well you might expect, and I mean, still better than my command of any language foreign to me) - it’s only funny when juxtaposed against their tall story that their name is Andy Freds, an English investment banker from South London.
If they are using it for evading spam filters, I bet they try a bunch of different things automatically. Any one thing probably would not get them caught, but if they can find enough things that let them through, they let it.
That said, what I’ve more noticed is using alternative characters, like boxed letters, characters that look like other characters, monospace or italic characters, and so on.
For example, none of these letters are normal ASCII, but some bold Unicode characters:
𝗣𝗔𝗧𝗥𝗜𝗢𝗧𝗦: 𝗖𝗼𝗻𝗰𝗲𝗮𝗹𝗲𝗱 𝗪𝗲𝗮𝗽𝗼𝗻𝘀 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗢𝗻𝗹𝗶𝗻𝗲
Yes. I wish Hotmail would let me auto-delete any e-mails that have all that unicode crap. Also, spam filters should be smart enough to convert all unicode letters in the subject to their real underlying letters before checking for spam indications.
Of course it’s a cat and mouse game. From the early misspelling to the modern Unicode & embedded graphics trickery the game continues.
Right now the Unicode trickery seems to work pretty well. But probably not for much longer.
Couldn’t one bypass a filter by spelling VIΑGRΑ with Alphas from a Greek keyboard? As I just did in the above example. Can you detect it? AltF search for viagra misses it.
I just want to note that the spam title I quoted was in my spam folder on Gmail. I’ve almost never seen a spam email make it through Google’s filters, and the only false positives I’ve ever encountered were still bulk or automated emails.
That said, an email from paypa| did make it through on my old Yahoo Mail which I decided to log back into so I didn’t lose all my old emails.
Yep - Cyrillic characters are often used that way too