Cloudmark Detects Crafty Spam Techniques to Bypass Filters
According to a report released by Cloudmark Inc., the security vendor, 90-95% of the total e-mail traffic in the US is spam.
Moreover, based on its regular assessment of worldwide spam, Cloudmark has found a number of crafty spamming tactics that spammers are utilizing this year (2008).
One of the tactics that Cloudmark observes is character manipulation. Here, the security company says, IM usernames, phone numbers and e-mail addresses are frequently included in the spam. Sometimes the spammers use innovative spelling methods to spread their messages, substituting characters with "visual puns" like typing '1' for 'i' and '0' for 'o'. A slightly more creative spammer might also include indistinct content that would mislead the recipient.
The other common spam technique that security analysts outlined involves unusual linking with different URLs and domains. Using various methods, spammers insert characters into a URL. For instance, with entity encoding and URI encoding, unprintable characters can be added to an http link without breaking it.
This practice is being taken to a completely new level as spammers discover new ways to modify URLs. Despite not conforming to accepted Web standards, such a URL still works when clicked in web interfaces, e-mail clients and other products used on the Internet.
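A filter can undo both the character substitution and the URL encoding tricks described above before it compares a message against its block lists. The sketch below is an added example, not code from Cloudmark or from the original article; the sample message, the block lists and the use of example.com as a listed domain are constructed, and the look-alike table covers only the two substitutions the article names.

```python
import html
import re
import unicodedata
from urllib.parse import unquote, urlsplit

# The two "visual puns" named in the article; a real filter would carry a longer table.
LOOKALIKES = str.maketrans({"1": "i", "0": "o"})
HREF = re.compile(r'href\s*=\s*"([^"]*)"', re.IGNORECASE)


def strip_unprintable(text):
    """Drop control (Cc) and invisible format (Cf) characters."""
    return "".join(c for c in text if unicodedata.category(c) not in ("Cc", "Cf"))


def fold(text):
    """Lowercase and map look-alike digits to letters, for matching only."""
    return strip_unprintable(text).lower().translate(LOOKALIKES)


def canonical_host(href):
    """Host a lenient client would reach: decode entities, parse, then %-decode."""
    url = strip_unprintable(html.unescape(href)).strip()
    host = urlsplit(url).hostname or ""
    return strip_unprintable(unquote(host)).lower()


def scan(body, blocked_hosts, keywords):
    """Return (blocked hosts linked, keywords present) after normalization."""
    hosts = {canonical_host(h) for h in HREF.findall(body)}
    folded = fold(html.unescape(body))
    hits = {k for k in keywords if fold(k) in folded}
    return hosts & set(blocked_hosts), hits


# Constructed sample message; example.com stands in for a listed spam domain.
SAMPLE = ('<p>Cl1ck f0r a fr\u200bee l0an t0day</p>'
          '<a href="h&#116;tp://exa&#9;mple.%63om/offer">go</a>')

if __name__ == "__main__":
    print(scan(SAMPLE, {"example.com"}, {"free loan"}))
```

A plain substring search for the domain or the phrase finds nothing in the raw sample; both are found only after normalization.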
Another spam technique that Cloudmark has identified is disguising spam as images, which easily escape standard filters that recognize only text-based spam. In addition, spammers hope that users click on these domains first instead of the randomly generated ones.
Also, according to the security researchers and analysts, the traditional stock scam is reportedly rising and being re-crafted to reach new levels to bypass spam filters.
Jeremy Robin, Spam Accuracy Researcher at Cloudmark, said that as anti-spam software becomes more accurate and sophisticated, spammers also become more inventive and launch even craftier attacks. The overly intense efforts by spammers to bypass filters simply demonstrate their desperation, as reported by MarketWatch on July 16, 2008.
» SPAMfighter News - 30-07-2008