In the early days of the Internet, spam was little more than an irritating nuisance. However, like every other aspect of the Internet, spam has evolved to become something far more nefarious in nature.
The spammer’s most fervent hope is that you are ignorant of the tricks and tactics used to spam your inbox. Learning the spammer’s nefarious ways is your best protection against spam.
Manipulating Text
This is one of the most commonly used spamming techniques. Spammers manipulate the text of the email to foil anti-spam filters. They may deliberately misspell some words, for example “M0rtg4ge”. They may add characters or spaces to words in the email header to make the email look different from other email, like this: X_A_N_A_X. They may also insert random strings of text within the email.
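A filter can undo these two tricks before it matches keywords. The following is an added example, not code from this article: the watch list and the substitution map are constructed assumptions, and it reports only the terms that appear once the text has been normalised, which is itself a sign of deliberate obfuscation.

```python
import re
import unicodedata

# Constructed watch list for the demo; a real filter would load its own.
WATCHLIST = {"mortgage", "xanax"}

# Assumed digit/symbol-for-letter swaps; extend to suit your mail stream.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

SEPARATORS = r"[ ._\-*]"
# Three or more single characters joined by separators, e.g. X_A_N_A_X.
SPACED = re.compile(
    r"(?<![A-Za-z0-9])(?:[A-Za-z0-9@$]" + SEPARATORS + r"){2,}"
    r"[A-Za-z0-9@$](?![A-Za-z0-9])"
)


def normalise(text):
    """Return text with common obfuscations undone, for matching only."""
    # NFKC folds look-alike forms such as full-width letters to ASCII.
    text = unicodedata.normalize("NFKC", text).lower()
    # Rejoin letters that were split up with separator characters.
    text = SPACED.sub(lambda m: re.sub(SEPARATORS, "", m.group()), text)
    # Map digit and symbol stand-ins back to the letters they imitate.
    return text.translate(LEET)


def find_terms(text):
    """Watch-list words that appear as whole lowercase words in text."""
    return set(re.findall(r"[a-z]+", text)) & WATCHLIST


def obfuscated_terms(text):
    """Watch-list words visible only after normalisation."""
    plain = find_terms(text.lower())
    return sorted(find_terms(normalise(text)) - plain)


if __name__ == "__main__":
    # Constructed sample subject lines.
    for subject in ("Cheap X_A_N_A_X and low M0rtg4ge rates",
                    "Your mortgage statement is ready"):
        print(subject, "->", obfuscated_terms(subject))
```

A word that is on the watch list but written normally, as in the second sample, is not reported, so legitimate mail that simply mentions the term does not score as obfuscated.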
Chain Letters
Spammers may send out a chain letter instructing you to forward the email to your friends and family. To entice you to do so, it may claim that forwarding it will bring good luck. This spam may carry viruses or a Trojan horse, which is sent along to anyone you forward the email to.
Image-based Spam
The spammer sends out spam that contains an image in GIF format. This image bears the spammy message. Image-based spam is effective at bypassing spam filters because those filters are generally text-based.
Dictionary Attacks
This is a technique spammers use to find email addresses that they can spam. It involves trying random combinations of common names and words, and using these to make up email addresses, e.g. JaneDoe@YourISP.com, JDoe@YourISP.com, JaneDoe1@YourISP.com. The spammer will then send out junk email to the different variations of these addresses in the hope that some of it will go through.
Spammers tend to direct the dictionary attacks at the large email companies, which have a large number of customers.
Email Spoofing
Email spoofing involves the use of a fake email header that is written to make it look like someone other than the spammer sent the email. Very often, the spammer will make it look like the email came from a credible source such as your bank or Yahoo, and try to get you to reply with personal information such as a password, social security number or credit card number. This technique is widely used because it is easy to do, and tends to catch the recipients off guard.
JavaScript
The spammer can use JavaScript that will ensure that the spam is only visible when the email is loaded. This type of spam can only be prevented using anti-spam software that decodes or blocks the JavaScript.
Social Engineering
This spammer ploy attempts to fool the recipient into reading the junk email by pretending to be an acquaintance. It involves a junk email that has a “personal” subject line, such as “I’m leaving tomorrow,” “I got your message” or “Let’s meet again”.
Mining Message Boards and Chat Rooms
When you post a message to a message board or chat room and leave your email address, automated programs called spambots will find your address and add it to the spammer’s mailing list. Much like a listed phone number in the telephone directory, leaving your email at these types of websites makes it public information.
Web Beacons
A web beacon, also called an “invisible GIF,” is an image sent out with spam that is invisible to the recipient. When the email is opened, the spammer will be alerted that your email address is “live.”
Open Proxy, 3rd Party Servers
An open proxy is a third-party server that enables spammers to camouflage their real identities, as well as their Internet locations, when they send out their junk mail. Many spammers use these open proxy servers to help maintain their anonymity.