Bunkum Splotched, Spatula Seethed And The Creativity Of Spammer Naming
from the it's-that-time-of-the-year dept
Yes, we’re reaching that time of the year when the news slows down and we get a combination of predictions (again?) and bizarre filler stories. Count this next one among the latter. Jack Kapica of the Globe and Mail apparently has been keeping track of the bizarre (yet creative) names that spammers choose in emailing him. If you’ve never noticed, it seems that spammers tend to come up with some of the most bizarre names: “Ovaries Secreter, Emm Zcacsog, Bella Pxolc, Candida Outlaw, Capote Dogie, Macon Expel, Exhibitionism Phoneys, Tillman Unscrew, Nuptials Overgenerous, Letdowns Gastritis, Dionysius Swindall, Slugged Shindig, Concessions Burgles, Fikriyya Gurney and Shea Snay.” It makes you wonder why they bother. Do these names get through spam filters better? Are they more convincing to make people buy from them? Or are the spammers just bored out of their minds, and this is an outlet? Or, most likely of all, they just use some program to grab two words at random off the internet somewhere.
Comments on “Bunkum Splotched, Spatula Seethed And The Creativity Of Spammer Naming”
…and they should be beaten inside a burlap bag xD
Seriously though, before I started using GMail, I used HoTMaiL. Every single day I’d clear out at least 10-20 spam emails. Even AFTER I’d check them as spam, they would STILL get through. I’m sure M$ sells @hotmail.com accounts to spammers. I’m never using hotmail again…(well, except for my X360 account…)
My understanding is that spammers use these random words to defeat the spam filters by diluting the “spam” keywords that may trigger the filter with a bunch of essentially white noise.
No Subject Given
i got some spam from “monkey sex” once. that made my day.
We should all remember playing the two word juxtaposition game before. Apparently the spammers have gotten hold of the random password engine that generated the wonderful binomials found in everyone’s favorite real world spam, the AOL mailings. Think AOL will sue over the trademark infringement?
No Subject Given
I’ll stick with the classics: Craven Moorehead, Heywood Giblome, Hugh Jass, Mike Hunt, Harry Butz, Fonda Cox, etc…
No Subject Given
Yeah, some spammers use not just random ‘friendly names’ and subjects, but random excerpts of text in the message body too. Here is an example of a weird spam wave we’ve been seeing at the office. The only consistent thing about the messages is the hard to read ‘ad’:
From: “Gladwyn Orick” email@example.com
To: “Jarvis Jacox” [a fake name with no relation to the e-mail address]
Subject: Re: runin cornflower
David, what happened? Alex mentioned Medusa- Its a mess and hes right,
he has to go higher up with it. Him, not us. We stay out. Far away out.
What happened? repeated Marie. Whats the old Medusa got to do with
anything? Theres a new Medusa-an extension of the old one, actually-and
its big and ugly and it kills, they kill. I saw that tonight; one of
their guns tried to kill me after thinking hed killed Cactus and
murdering two innocent men. Good God! Alex told me about Cactus when he
called me back, but nothing else. How is your Uncle Remus? Hell make it.
The Agency doctor came out and took him and the last brother away.
Re: No Subject Given
You know, it’s quite easy to make a *very* effective spam filter that catches things like this extremely well. It’s called Bayesian filtering.
Step 1: Take a corpus of spam and legitimate mail.
Step 2: Break the entire corpus into tokens, breaking along whitespace. Include every part of a message, including headers, into the token list.
Step 3: Analyze the relative frequency of each word, and assign it a probability of appearing in a spam mail vs. legitimate mail.
Step 4: Whenever a new mail comes in, tokenize it and assign probabilities to each mail based on the corpus data.
Step 5: Grab the 20 or so ‘most interesting’ tokens, defined as the tokens that are most strongly spam or non-spam.
Step 6: Average the probabilities of the interesting tokens, and if it’s above a certain limit, label the mail as spam.
Step 7: Update the spam probabilities based on this new mail.
There you go! Spam trigger words become very highly indicative of spam (a probability very near 1) while words that often appear in your legitimate mail become very indicative of the opposite (probability very near 0). Since only the ‘interesting’ words are taken into consideration, trying to dilute the probability with white noise won’t have any effect (and will only make the words used in white noise be rated as more likely spammy). Weird spellings and such that spammers use to try to get around blacklists are even better, because they’ll almost certainly not appear in legitimate mail, and become an automatic flag for spam after you see them once.
Trials with the process show a highly effective filter that produces virtually zero false positives.
Given this, that mail you just posted would have been caught automatically.
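The seven steps from the comment above, as an added Python example that is not part of the original comment. It scores the same mail with and without random padding words. The 0.9 threshold, the 0.4 score for never-seen tokens, the 0.01/0.99 clamp, the sample mails and the `top_n=5` used for the short samples are assumptions made here.

```python
from collections import Counter

class BayesFilter:
    # top_n=20 follows the comment; threshold, unknown and the clamp are assumptions
    def __init__(self, top_n=20, threshold=0.9, unknown=0.4):
        self.counts = {True: Counter(), False: Counter()}  # token -> mails containing it
        self.mails = {True: 0, False: 0}                   # mails seen per class
        self.top_n, self.threshold, self.unknown = top_n, threshold, unknown

    def train(self, message, is_spam):
        # Steps 1-2: whitespace tokens, headers included, counted once per mail
        self.counts[is_spam].update(set(message.split()))
        self.mails[is_spam] += 1

    def token_prob(self, token):
        # Step 3: relative frequency in spam vs. legitimate mail
        s = self.counts[True][token] / max(self.mails[True], 1)
        h = self.counts[False][token] / max(self.mails[False], 1)
        if s + h == 0:
            return self.unknown  # never-seen token, close to neutral
        return min(0.99, max(0.01, s / (s + h)))

    def score(self, message):
        # Steps 4-6: keep the tokens furthest from 0.5 and average them
        probs = [self.token_prob(t) for t in set(message.split())]
        top = sorted(probs, key=lambda p: abs(p - 0.5), reverse=True)[:self.top_n]
        return sum(top) / len(top) if top else self.unknown

    def classify(self, message):
        # Step 7: feed the verdict back into the corpus counts
        verdict = self.score(message) > self.threshold
        self.train(message, verdict)
        return verdict

# Constructed sample corpus, not real mail
SPAM = ["From: Bunkum Splotched Subject: cheap pills buy now discount offer",
        "From: Spatula Seethed Subject: discount pills offer click now cheap",
        "From: Candida Outlaw Subject: buy cheap watches click offer now"]
HAM = ["From: alice Subject: meeting notes attached for the quarterly review",
       "From: bob Subject: lunch on friday and the review schedule",
       "From: carol Subject: patch for the build server attached"]
PLAIN = "From: Macon Expel Subject: cheap pills discount offer click now"
DILUTED = PLAIN + " runin cornflower medusa cactus agency doctor brother uncle"

def build_filter(top_n=5):  # small top_n because the sample mails are short
    f = BayesFilter(top_n=top_n)
    for mail, label in [(m, True) for m in SPAM] + [(m, False) for m in HAM]:
        f.train(mail, label)
    return f
```

On this sample data `score(PLAIN)` and `score(DILUTED)` are identical, and once `classify(DILUTED)` has run, the padding words themselves score as spam tokens.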