« Added a "Logout" Logo to Blogsphere | Main| Lotus Guru Style Enhancements Added to Main Blogsphere Template »

Coded Messages Masquerading as Spam?

Category

So I decide on a whim to actually open one of my spam emails with a subject of "WE SELL YOU ALL MEDs AT C0ST PRICE, 2 DAYS PR0MOTI0N side" and find the following nonsensical text embedded inside:

words possible bridge short thats, went husband board, reference dare planning end teacher tying.
surely opposite approach. yours reading rose know fool force,
wood board anybody.
drew development age age. considered forth sugar whom? reply street may.
taken news benefit, am among quickly. gym winter degree king prison human.
force may did few prison? prettier here night certain gray gotten? goes evil son truth learned need. raised showed need room somewhere. gym already burst side second. fool thee beautiful proud.

It had to take a lot of effort to write that, and it does absolutely nothing to help encourage one to then click on the links where you can actually buy meds.  So why go to the trouble?

I guess I've read too many spy novels or something, but I'm starting to think that a lot of spam is probably just coded messages "hiding" in plain sight so to speak.  Who is sending these messages?  Well, considering the sophisticated evesdropping technologies employed by the US intelligence agencies, these sorts of messages seem like a logical choice for terrorists or other bad guys who need to avoid using more traditional communication channels.  True or not, I'm sure that even the *possibility* that it is means there are a bunch of folks in the intel community reading spam all day long.  Hopefully they've got one helluva Domino mail processing agent to help sort it all out .

Comments

1 - Interesting point Richard. So if I were to finally get kSpam up and running and added these sorts of messages to my spam database, would I be likely to get more false positives because I'm flagging "good" words as spam?

2 - The nonsense text is intended to fool Bayesian spam filters and other statistically-based anti-spam techniques by overwhelming the "spammy" words with lots of "good" or "neutral" words.

3 - Richard's explanation is supported by another as yet unexplained observation I made about this particular message. That is the fact that all this garbage text is actually not visible when viewing the message via Domino Web Access, but only via the Notes client. The apparent intent is to give users of web email the impression of greater legitamacy by performing some html tricks to hide the junk.

Maybe there is some way for the spam filters to take advantage of the differently tagged text?

4 - Yes. More false positives more undetected spam, depending on how you set thresholds. The technique is known to some as "word salad", and it does theoretically reduce the effectiveness of naive Bayesian filters. "Sentence salad" goes further, using text taken from published material in order to fool more sophisticated filters that look at combinations of words instead of individual words.

Your Host

KevinPettitt.jpg
Kevin Pettitt View Kevin Pettitt's profile on LinkedIn

Tools I Use

Idea Jam

Subscribe to This Blog

 Full Posts  Comments

MyYahoo
netvibes Add to Netvibes

Contact

Hosted by

OpenNTF

Disclaimer

This site is in no way affiliated, endorsed, sanctioned, supported, nor blessed by Lotus Software nor IBM Corporation, nor any of my past or future clients (although they are welcome to do so). The opinions, theories, facts, etc. presented here are my own and in no way represent any official pronouncement by me on behalf of any other entity.

© 2005-2017 Kevin Pettitt - all rights reserved as listed below.

Creative Commons License
Unless otherwise labeled by its originating author, the content found on this site is made available under the terms of an Attribution / NonCommercial / ShareAlike