Archive for Spam

The Ultimate Spam-Filter Avoidance Technique

I’ve finally seen it: the Ultimate Spam-Filter Avoidance Technique.  Today, I got a message in my in-box, big as life, amd it wasn’t even marked as spam.  It read:

gb    dy  lz                                        onfy     je       zhmd     dw 
wk    ou                                           jsiudj  ecyi      hs  kp  sqwf 
 fq  qv                                            hxmu      kn          xc    wm 
 jk  jl   eb   ethz    hjlgt  hwpn   hrmi          ptll      fx          lw    dk 
 bk  df   rl      kh  qp  bl  xby       fg          nxye     ig         ud     mv 
  gdxn    rs   rtmjm  ci  ip  rs     objfx  opzoq    yeov    oi        vh      gu 
  ltmo    co  ur  by  kv  he  ch    qx  ic           hspf    fv       gi       mh 
   wc     cb  ep  sw  lr  rz  cd    yl  sp         hxyjxz    hf      wd        qq 
   ei     oc   mcnwk   wdziz  le     jmkpx          gjko     bx  mn  ehqupf    dd 
                          df                         xb 

Now,  don’t get me wrong, but…if your eyes can see what I can see, you probably already understand the problem.  Spam filters are designed to search through text looking for key words – like viagra, porn and big financial deals – and shuffle the messages off into oblivion.  And, if you look real closely, there’s plenty of text there–lots of it, in fact–all random letters layed out in a nice formatted grid courtessy of “Courier New,” Microsoft’s default Monospaced font.

But what the span filter WON’T see is what your eyes tell you: that this is a sales pitch for that miracle drug that lets men function even when older, failing hardware won’t let them.  And this, of course, is just the start.  I dropped the part that encoded their website address in the same fashion, as well as the snippet from some story or blog post entry that followed it (in a normal font and text size, of course) in order to fool the filter into thinking this was real.

Now, I should tell you, I filter my own spam.  Yes, I have filters on my server(s) mark the spam, but before I get rid of the crap, I like to check it.  It wasn’t from someone I knew, but that wouldn’t have mattered.  I often get messages from people I meet online, or from friends who’ve changed internet providers and so on.  Also, I can generally tell the ones from scammers in South Africa who claim to be needing to use my American bank account(s) to transfer $50,000 to €50 Million out of some defunct corrupt official’s accaounts.  Those people just want an account number so that they can rob my US checking account.  I just forwarded three of those to SPAM@UCE.GOV, the Federal Trade Commission‘s Span Reporting address.

But this … this has to go.  I mean, it’s cool and all … As a geek, I get to point and laugh about how the creative Human Mind can overcome “this Technological Terror they’ve constructed” – one more bit of proof that the computer, while logical and fast, will NEVER be crazier (or better) than us.

But why does it always have to be spammers that figure this stuff out?

 bgjy   jh      lz    rc     qs 
wk  ou  js            dj    ekox 
fq      hx          knthwp  smrn 
 jk     ebthz   hj    lg    okbq 
  jk    rl  kh  qp    bl     wf 
   dx   rs  jm  ci    ip     pl 
    mo  co  by  kv    he     gc 
zf  wc  cb  sw  lr    rz 
 sgul   bw  we  op     mzz   un

SASS has Spoken.


Comments (2)