I’ve finally seen it: the Ultimate Spam-Filter Avoidance Technique. Today, I got a message in my in-box, big as life, amd it wasn’t even marked as spam. It read:
yx gb dy lz onfy je zhmd dw wk ou jsiudj ecyi hs kp sqwf fq qv hxmu kn xc wm jk jl eb ethz hjlgt hwpn hrmi ptll fx lw dk bk df rl kh qp bl xby fg nxye ig ud mv gdxn rs rtmjm ci ip rs objfx opzoq yeov oi vh gu ltmo co ur by kv he ch qx ic hspf fv gi mh wc cb ep sw lr rz cd yl sp hxyjxz hf wd qq ei oc mcnwk wdziz le jmkpx gjko bx mn ehqupf dd df xb emzzi
Now, don’t get me wrong, but…if your eyes can see what I can see, you probably already understand the problem. Spam filters are designed to search through text looking for key words – like viagra, porn and big financial deals – and shuffle the messages off into oblivion. And, if you look real closely, there’s plenty of text there–lots of it, in fact–all random letters layed out in a nice formatted grid courtessy of “Courier New,” Microsoft’s default Monospaced font.
But what the span filter WON’T see is what your eyes tell you: that this is a sales pitch for that miracle drug that lets men function even when older, failing hardware won’t let them. And this, of course, is just the start. I dropped the part that encoded their website address in the same fashion, as well as the snippet from some story or blog post entry that followed it (in a normal font and text size, of course) in order to fool the filter into thinking this was real.
Now, I should tell you, I filter my own spam. Yes, I have filters on my server(s) mark the spam, but before I get rid of the crap, I like to check it. It wasn’t from someone I knew, but that wouldn’t have mattered. I often get messages from people I meet online, or from friends who’ve changed internet providers and so on. Also, I can generally tell the ones from scammers in South Africa who claim to be needing to use my American bank account(s) to transfer $50,000 to €50 Million out of some defunct corrupt official’s accaounts. Those people just want an account number so that they can rob my US checking account. I just forwarded three of those to SPAM@UCE.GOV, the Federal Trade Commission‘s Span Reporting address.
But this … this has to go. I mean, it’s cool and all … As a geek, I get to point and laugh about how the creative Human Mind can overcome “this Technological Terror they’ve constructed” – one more bit of proof that the computer, while logical and fast, will NEVER be crazier (or better) than us.
But why does it always have to be spammers that figure this stuff out?
bgjy jh lz rc qs wk ou js dj ekox fq hx knthwp smrn jk ebthz hj lg okbq jk rl kh qp bl wf dx rs jm ci ip pl mo co by kv he gc zf wc cb sw lr rz sgul bw we op mzz un
SASS has Spoken.