chir.ag/tech [archive]

ARCHIVE: Spammer Tricks

Fri. Nov 25th 2005, 05:22pm:

If you've ever received a spam-esque email as follows and don't know what the heck is going on, then read on:

Good Day

I am willing to s.tay in the USA some time may be we can meet each other and have some fun time or may be more. I am looking forward to receiving your message to my personal email katyarealmeet.info. I will reply with a p.icture I am nice female

Do not freply to this email. WriteC to me directly.

denounce marimba fedders foreign brewery strait abetting brake seaman ballfield borroughs rosetta retrogress crowberry cape concentrate brim abash suffice epithelium dosimeter zloty europium benefice buckskin deluge amulet dual buy deerstalker greenland jot delirious collaborate capstan continent

In some emails, it's not even clear whether it is spam or not. After all, there are no URLs to porn sites, no sales pitches to buy V1AGGRAA, and no Nigerian heirs. Sometimes the email looks like an innocent typing error in the "To:" field. Maybe this was for someone else? Ha! Think again.

Spammers have realized that too many people are using spam filters, and as the filters get more and more efficient, fewer and fewer people actually see the spam emails that spammers send. With the advent of rule-based filtering software like SpamAssassin, it became difficult to include shady HTML/scripts and explicit remote-linked or embedded pictures within the emails without being classified as potential spam. Rule-based spam filters assign points based on violations detected inside an email, and once the total number of points reaches a certain threshold, the email is classified as potential spam. While many spammers continue to send spam that rule-based filters instantly block, many switched to sending spam that would easily pass through these filters. After all, the rules for these filters are no secret.

Spammers then started sending a lot of plain-text spam that contained URLs to various sites. It worked great for a while, till Bayesian filters like SpamBayes became popular. Bayesian filters require some effort from the user's end. You have to manually "teach" the filter what is spam and what isn't, by clicking "Junk" or "Not Junk" for all the emails you receive. The filter "learns" by adding all the words in an email marked as junk to the "bad words" list and all the words in a "Not Junk" email to the "good words" list. It's more complex than that, obviously, when certain words like "from" are present in both junk and non-junk emails. But as a user, you don't have to worry about it.

Once the filter has learnt what spam means to you, it will start filtering all your new emails based on your filter-set. With time, Bayesian filters become much better, almost 99.5% accurate in some cases. In simple terms, that means fewer than 5 of every 1000 emails that spammers send end up in your Inbox. And that's where the email mentioned above comes into play.

What the spammers are trying to do is poison your Bayesian filter-set. Now that your filter has learnt over the course of 6-12 months that brake, concentrate, suffice, and dual are good words, the spammers include words like that in their spam. Also, since this plain-text email doesn't contain any spammy HTML things like 1x1 hidden pixels, multiple To:/CC:/BCC: addresses, virus-laden attachments etc., there's a pretty good chance it passes through your rule-based filters without a hitch.

If you're in a hurry and don't bother to manually mark this email as spam, your spam filter could "learn" that this email is not junk and include all the other words mentioned in the email on the "good words" list. Once deerstalker is in your good words list at least one time and in your bad words list zero times, the spammer can mention it in any other spam email and your Bayesian filter will let it pass through, since it's more often in your good words list than your bad words list. And the more you fail to mark these spam emails as "Junk", the worse your filters will get.
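The effect described above can be reproduced with a toy filter. This is an added example, not code from the original post and not SpamBayes' actual algorithm: it is a simplified naive Bayes scorer with add-one smoothing, and the training messages, the TinyBayes class and the 0.9 junk threshold are all constructed assumptions (the filler words come from the email quoted earlier).

```python
import math
from collections import Counter

# Constructed sample data; filler words are taken from the email quoted above.
HAM = ["meeting moved to friday please confirm", "lunch friday at noon",
       "please review the attached report", "report looks good thanks"]
SPAM = ["cheap pills buy now", "buy cheap watches now", "cheap pills discount now"]
FILLER = "deerstalker zloty capstan crowberry europium dosimeter buckskin amulet"
POISON = "write to my personal email i will reply with a picture " + FILLER
FOLLOW_UP = "cheap pills " + FILLER   # later spam that reuses the filler words
THRESHOLD = 0.9                       # assumed cut-off for the junk folder

class TinyBayes:
    """Hypothetical minimal word-presence naive Bayes filter (illustration only)."""
    def __init__(self):
        self.words = {"spam": Counter(), "ham": Counter()}
        self.msgs = {"spam": 0, "ham": 0}

    def train(self, text, label):
        # Count each distinct word once per message, like a good/bad word list.
        self.msgs[label] += 1
        self.words[label].update(set(text.lower().split()))

    def spam_probability(self, text):
        # Sum add-one-smoothed log-likelihood ratios per word; equal priors assumed.
        llr = 0.0
        for w in set(text.lower().split()):
            p_spam = (self.words["spam"][w] + 1) / (self.msgs["spam"] + 2)
            p_ham = (self.words["ham"][w] + 1) / (self.msgs["ham"] + 2)
            llr += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-llr))

def score_follow_up(poison_label=None):
    """Train on the corpus, optionally learn POISON as 'ham' or 'spam', score FOLLOW_UP."""
    f = TinyBayes()
    for m in HAM:
        f.train(m, "ham")
    for m in SPAM:
        f.train(m, "spam")
    if poison_label:
        f.train(POISON, poison_label)
    return f.spam_probability(FOLLOW_UP)

if __name__ == "__main__":
    for name, label in [("poison never received", None),
                        ("poison learnt as Not Junk", "ham"),
                        ("poison marked as Junk", "spam")]:
        p = score_follow_up(label)
        print(f"{name:26s} P(spam)={p:.3f} -> {'Junk' if p >= THRESHOLD else 'Inbox'}")
```

With this constructed data, a single poison email learnt as "Not Junk" drops the follow-up spam from roughly 0.99 to roughly 0.58, below the assumed threshold, while marking the poison email as "Junk" pushes the follow-up score higher than before.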

Basically, the spammers are trying to screw up your "good/bad word" lists. Once they've managed to do that, you'll stop trusting your auto-spam filtering and in fact start checking your junk mail folder more often. And then, you'll open their spam emails.

So yeah, just mark emails like this as spam and then promptly hit delete.