Welcome to 

    mickyj.com

   


















     

     

    

    


 

 

Why can't I stop all this spam ???
  • ... Because spammers are always finding new ways to make money! They are very clever. When you find a way to stop their spam, it stops their income stream and they are driven to find another way to get the spam into your inbox.
  • In addition, your antispam methods might not be up to the task.

Why do spammers bother ? I am never going to buy the Viagra or request the relevant surgery to my appendages!
It is a fact that 1 in 10,000 people buy from spam.
If the spammer sends out millions of spam's for free (having compromised someone's PC and using their resources, either by hacking, a virus, rootkit or other Malware) then they only need a few people to buy those replica Rolexes and their campaign has paid for itself. This is a lazy way to make a very good income at someone else's expense.

How do they know I am here?
Some spam emails hide beacons in their code and when you open one, they know your email address is valid. If you try and unsubscribe, they know your email address is valid. The final results is they can sell your email address amongst others to other marketing companies having verified that you exist. Never reply to a spammer.

Where did the spam come from and how come it knows I am buying a car or need a loan?
Ever filled in a survey? A lot of online surveys seem innocent as they only ask you 1/3 of your private details.
They might say they need your street number for analysis reasons but do not ask you for the suburb or street name. Then you do another two surveys later where they ask you the other details (and you forgot about the first survey). They build up a dossier on you. the surveys might even come from different companies.

The rule here, only fill in details in places where you trust the site and where you went to the site yourself, not from a link (especially a link in an email). This helps lessen the chance of phising (This usually involves fake websites and emails spelt similar to the real site and using their logos, but it is malicious).

There might also be Malware involved. Watching your emails, watching what websites you frequently use and finding out about your likes and dislikes. You need to check your machine for Malware and viruses regularly.

 
Other general rules
Remember not to unsubscribe links from spam. It is a clear sign you exist. Do not use your email address on the internet on websites or forums. Sign off in forums etc on the web using contact details like "mickyj(at)micky.com", mickyj@nospam-removethis.mickyj.com and other creative ways of hiding your email (Humans can decipher these tricks, spam gathering tools usually fail). If you use your email address online in your own personal or company website, ask your developer to use a picture made up of your email address and link it to a server side CGI script (Programming)Programmed robots trawling about are clever and can parse (read and scrutinize) your websites looking for the "@" symbol and the words either side of it. They cultivate your email addresses and hit you with spam.

 (Ever Googled your email address? Try it. For some people, including me, it is scary).
 

How can I stop the spam and get 99%, even a 100%, of it trapped and filtered?
There are only two ways I know of. The first is to use White lists. Lists of people you know and will accept emails from. Everyone else is blocked and you never see their emails. You also still need to run antispam over your email (even when using white lists) as address books are constantly being stolen and you might get spam from a person's address you know.
 
You can also use services where the first email from anyone is quarantined and not released until you accept them as a valid person or the sender sends a second email to prove they are real, not a spammer or robotic programmed tool sending out rubbish. To the lesser extent, people use black lists and block certain names but as names are forged and randomly generated, it is pointless.
 
Some people subscribe to services that block email from known spamming computers and servers. In effect, blacklisting specific originating PC's. This works but more often than not, blocks real emails. There is one service that seems to work, a filtering service. These services are usually world wide and have lots of staff trawling through thousands and thousands of spam emails every hour, looking for trends and then updating a central database that replicates out across the world and then filters your emails. These services are great, but often very expensive. The service companies need to pay the staff looking though the emails so it is very costly in money and time.
 
What else can I do?
There are cheaper software solutions (like Trend Micro server based products) you can put onto networks and the latest mail servers have their own tools (Like the Microsoft Exchange Intelligent mail filter and recipient filtering). There are also products like Spam Bayes and other free tools for home computers.
 
I have network protection software but still the spam keeps coming ....
Ok, so you install something like Trend Micro ScanMail Antispam, Trend Micro Internet messaging and security suite and Exchange IMF. With all this and the Outlook Junk filters why do I still get spam? How do I stop it?
 
Without using a White list or an external service, you need to understand what you are facing.

Here is where it gets hard. Antispam software tools work on rules and trends. They can not react as fast as the antispam services and rely on you not only updating the antispam databases but putting in your own rules if you see a trend.
 
You have to get into the head of a spammer to make these rules. They want their email to get through. They want the dollars to start appearing in their bank accounts. They want to rip you off and if you find a solution to get around their spam, they will find another way to get in front of you. It is a constant tug of war.
 
Here are some examples so that you can see how this Global Graffiti gets to you. (This is by no means a complete list. There are new ways to get spam into your inbox created daily).

 

Spam has most recently appeared as an email container with embedded html items. This  pulls the content down from the web live when you view and preview an email and any spam filters can not filter it real-time as it populates in your preview pane, not at the point where the email server received it.

This means you received no more than a html text file in your email with no content. I have blocked this for some servers by stopping html emails coming in or turning on huteristics in the mail filters.

This means we stopped 90% of spam. Real emails got stopped that contained html content. Not a good solution unless you have a major outbreak.
Forward and reply spam
I have seen a lot of "reply" and "forward" spam. Spam filters detected the RE: and FW: in the subjects of emails and then checked that in the body of the email, there was really an email replied to. Now, the spammers have started placing a reply in the bodies so that spam can no longer be stopped. It looks like a legitimate reply.

 

Example:
 

From: spammer@spam.com
Sent: Saturday, November 04, 2006 12:56 PM
To: mickyj@mickyj.com
Subject: RE: Request for pricing

Get your Viagra at 1/2 price. That is right ! Click HERE to collect

-----Original Message-----
From: mickyj@mickyj.com
Sent: Saturday, November 04, 2006 12:56 PM
To: spammer@spam.com
Subject: Request for pricing

Please send me your latest price list

 

ASCII Spam
Then comes the ASCII spam. This gets through the filters easily. We tell the filters not to let things like "Viagra" and other words through but the spammers throw us a curve ball.

We can't block words made up from random keystrokes that overall spell a word.


As another example
 


Yes, this is made up from very small font characters like full stop and semi colon. On top of this, they spread their words out with characters in-between.
 

 

Misspelled words
Then the spammer misspells key words, abuse our senses with badly formed English sentences and grammar.
 
It used to be that if you scanned for the word "teen" or "girl" in the subject you could remove most of the spam.

Now it is "Grl" and "Gr8t Grl"

All-natural doctor approved peenis enlragement formula for guaranteed
and permanent peenis gains has finally become a reality!!! With Penis Gr0wth
P a t c h Rx, you can finally add up to 3 inches to your peniis size within
6 months!!!
 
Character substitution
Viagra is easy to block as a word. Then spammers use V1agra or V!agra. Then it is V_1agra. You can't possibly have every variation without starting to stop real emails by accident.
 

All-natural doctor approved peenis enlragement formula for guaranteed
and permanent peenis gains has finally become a reality!!! With Penis Gr0wth
P a t c h Rx, you can finally add up to 3 inches to your peniis size within
6 months!!!

It's better to be silent and thought a fool, then to speak up and remove all doubt. But an unwatched kettle over boils! God is a living God. ====================================
When choosing a peniz en1argement method, there are many MANY options these days. But very few are worth the money. In fact, most are full blown scams!
PENIZ GRO,WTH PA,TCHES are the newest and safest patch you can buy.
Millions of men are already applying male enhan(ement patch,es daily and watching their size and drive go through the roof! P,atches deliver the product into your system in a quicker and more efficient manner than a pi11 ever could. They are also safer and more discrete!
En1arge Pat,ch Rx is simply the best patc,h you will find, anywhere! Millions of men are taking advantage of this revolutionary product - don't be left behind!
Unreal price dis(ounts we are offering for a 1imited time only!
http://www.removeddomain.com/ - Go here now and Get it!

 

 
 
How can we determine all the variables ?
 
Gibberish Spam
 
Then there are the gibberish spam's which have a message when read in Outlook but to the spam filter, it is populated with other words and hides the message like :
 
Anyone can be hit and you have no recourse, it was only by accident that I found out at all. By the fourth season, Family Guy was slick, and almost predictable. example : adsense Google , revenuepilot. You have to bring extra skills to the table. For example, my real name is Kathy but when I apply for jobs I go by the name Super-Retro-Sexy-Pantihose Girl.


King of the Hill got such a late start because the series wasn't renewed until the last. He's also most likely to be much more responsive to requests for new features and enhancements, especially if they're accompanied by patches. If only humans found meat hor d'oeuvres to be so intensely mesmerising. Like, in this instance the fortitude and foresight to put giant lovehearts on an otherwise mundane headset. Stop by and request your FREE LAVENDER POWER BEADED Bracelet and join the fight for Domestic Harmony. They devour books not one at a time but many across vast different fields. This incident is indicative of googles power in controlling what input is allowed into peoples minds.


If you know what's good for you and your pet's jaded palate, you will enrol yourself in a dog food cookery class faster than it takes for Lindsay Lohan to break up with her newest boyfriend. Anyone can be hit and you have no recourse, it was only by accident that I found out at all.
This article describes the SQL experiences - positive and negative - and outlines some of the advice that I've encountered from different sources. The last thing I want to do is freak the interviewer out.
I also make sure that my cape is long to create aerodynamic lift but short enough to show off my ass. With luck and the help of the community, Advogato may well continue for years to come.


Create a blog with blogger.

 

Common spam words as images
Then they embed words as an image like
A spell checker can't detect a spelling error in an image, so how would a spam engine be able to determine the contents (they can now with OCR but this also can be bypassed).
If you carefully place images correctly, you would never know half the email is text but key words are images.

Non English Characters.
My all-time favorite. A message that does not appear to have anything wrong with it but actually gets through the filter because it has Chinese characters between the letters.
As most of us do not have the correct fonts installed, Outlook just shows us the English.
 

 

 

They can hide Cyrillic, Russian or Chinese characters between the letters. The Spam filter sees all the characters (which looks like gibberish and

does not match any filters) but outlook only shows us the English.
This means the spam filter lets through Vci IvAbGdnRdjnA as it does not look like the word VIAGRA but outlook hides the ci vbdndjn an and we see it plainly before us.

Then the blatant text we can not read

 

 

Spaced out letters
Again, we can read this but the spam filter sees letters separated by tabs and spaces.

 


Image Spam
There are the Rolex spam's where the entire body of the email is one big picture.
 

Random text with image
Just enough text to appear to be a real email but then there is the the attached image. Random subjects, random bodies, random nonsense.
 
aerial some  kingpin try stanza ! alan in gainful some evolution see corral try arhat see land , novitiate or lest but opium on completion or walls or jean and spinach see healy not aventine , fourteenth ! diversify the proprietor see normal it hebephrenic on copenhagen in compacter on moe some
offstage it's  initiate in commodious and mosaic it level the argumentative a bray it epidermis a bhutan try bootlegger a miscellaneous it's firewall and congresswomen may wink may donkey on gloomy try bestubble and downspout see uremia in waylaid it baird try eddie and woke , innocent may iraq not suburbia it
awash but  razor see pyrotechnic in rangy and archangel in lucille a osiris , agricola it brookside it's canny or menopause or dilate or workout but suicidal may judson and curia a circumference see nevins not glut it teammate see sharon see bing may belove but throughout and bridgewater may quintet some
And drugs with subjects like RE: Warning, RE: Important, FW: Urgent reply required

, you raised your hand if you thought she had, left it down if you thought she had blown it.
I guess I dont want to write after all; I think Ill just take an extra pill and go to bed. Like an idol, she gave only one thing: a feeling of unease deepening steadily toward terror.

 

 

There are the loans or medical procedures you never applied for

Normally an indication that you might have some form of Malware on your workstation.


 
Images with imperfections
To avoid the OCR image spam filters, there is the the truly bizarre, an image you can read but with enough imperfections that even spam engines that can read text in images, are fooled and let the email through.
 

 
Someone designed an on the fly spam tool for reading images. The spammers then went to images with lines and other items through it. This was to make the spam harder to OCR.
 

And another ...

 
Then the started throwing in splashes of colour, wavy fonts and random sub text like:
 

one giant sphincter that everything must squeeze through? That could be as a data store for properties on AJAX enabled web pages and those properties don't belong in the session after the visitor navigates to another page on my website.
Kahan recently wrote to MySpace complaining that friends and family members of death row inmates were creating MySpace pages for them as a kind of tribute. So, what's your social media score? Let's shove the bacon up some you know what.
It wont throw an exception if the key is not present in the Session.
Does your company reward entrepeneurial behavior from within the organization? Inside you can keep track of your trusted network, find others through your network with similar interests or situations. Let's shove the bacon up some you know what. Has senior management stopped making jokes whenever a junior staffer mentions the word "wiki" in a meeting?
Take your ads and try them in different landing page configurations, use the data to find out what incarnation produces the high conversion rate.
Let's shove the bacon up some you know what.
They, in fact, outnumber the women.
Ulle encourages publishers to think of their target audience as a bell curve, and write to the peak of the curve.
He noted that, traditionally, longer letters have achieved better long-term results with customers.
However, if it were not for several outstanding women and their guidance, I would not be here now. Yet as we have seen in most of our successful client situations, a company that "gets it" is usually driven by one or two passionate individuals who have decided to lead the charge on social media.
Certainly no criteria could please everyone; offensive profiles would still exist.
How can you best get over that barrier?
Inside you can keep track of your trusted network, find others through your network with similar interests or situations.

 

Fake Friend emails and greeting cards
There are the emails that pretend to be friends. They come from friends, colleagues, partners and people you don't know.
 
Promises of great programs attached in Zip files and the like, also cause grief went sent by impersonating your friends and getting you to click the zip file.
 


 

Or just try and con you with Subjects like "news"
 
 

 
 
Hidden characters and text
 
Here is an email I received that looks normal until you try to forward it (This is obviously spam)
 
 
 
 
Forwarding it reveals a much more sinister email. This is in fact a dangerous email and I was cautious enough not to click the link which would have caused mayhem.
 
 
 
Stock image spam
Then there is the stock spam where a simple gif, jpg, pcx or png file was embedded in the body. No spam filters could OCR or read the spam at the time.

 
This meant companies started blocking emails with images attachments. This was not a good solution.
 

substation and hidden text like:
Text that is on the page but in a white font or some other cloaking method.
 
 
Notice the blue lines at the end where I highlighted the hidden white text with my mouse (As if to cut and paste - dragged the mouse over it).
 
  
 
promises of money
 
U.S.A MEGA MILLIONS INTERNATIONAL LOTTERY. FROM:INTERNATIONAL PROMOTION/PRIZE AWARD DEPT.
REFERENCE: 67/80/IPD
BATCH: EGGS-541-623-782:
RE: WINNING NOTIFICATION/FINAL NOTICE
Sir/Madam,
We are pleased to inform you of the result of the 50 millions United State Of America Lottery Winners International E-mail programs held on the 16TH Of October and result where release on the 1ST Of NOVEMBER 2006.
Your E-mail address attached to ticket number 653-908-321-675 with serial main number
345-790-241-671 drew lucky star numbers 34-32-90-43-32 which consequently won in the 2ND
category, you have therefore been approved for a lump sum pay out of $1.000.000.00 ( One Million Dollars).
CONGRATULATIONS!!!
Due to mix up of some numbers and names, we ask that you keep your winning information
confidential until your claims has been processed and your award remitted to you. This is
part of our security protocol to avoid double claiming and unwarranted abuse of this program
by some participants. All participants were selected through a computer ballot system drawn
from over 100,000 company and 50,000,000 individual email addresses and names from all over
the world.
This lottery was promoted and sponsored by United State Of America International Lottery board in order to enhance and promote the use of Internet Explorer Users and Microsoft-wares around the globe.
This promotional program takes place once in three years. We hope with part of your winning
you will take part in our end of year 50 millions United State Of America International Lottery.
To file for your claim,please contact our Fiducial Agent.(CLAIM AGENT)

 

 
 
Europe Million Lottery Inter.
Osdroplien 450, 1120AH ,
Belgium.
Affiliate of Europe National Lottery.
Sir/Madam,
CONGRATULATIONS: YOU WON 1,000,000.00.
We are pleased to inform you of the result of Europe National Lottery which was held on the 15th, November 2006. Your e-mail address attached
to e-ticket number: 834509819, with Prize Number: 237359446 drew a prize of 1,000,000.00 (One Million Euros).
 
This lucky draw came first in the 2nd Category of the Sweepstake. You will receive the sum of 1,000,000.00 (One Million Euros) from
our authorized bank.Because of some mix-up with sweepstake prizes, including the time limited placed on the payment of your prize: 1,000,000.00,
we advice that you keep all information about this prize confidential until your funds: 1,000,000.00 have been transferred to you by our bank.
You must adhere to this instruction, strictly, to avoid any delay with the release of your funds to your person. This program has
been abused severally in past, so we are doing our best to forestall further occurrence of false claims. This sweepstake was conducted
under the watchful eyes of 8,000 spectators. Your e-mail address was selected and came out first by a e-ballot draw from over
250,000 e-mail addresses (personal and corporate e-mail addresses).
 
This program is sponsored by CFI Networks to compensate faithful internet suffers around the globe. Congratulations for becoming
one of the few lucky winners.With your permission, your e-mail will also be included in the next sweepstake of 5Million.
You must claim your prize: 1,000,000.00 not later than 14-days from the moment you receive this e-mail.
In order to avoid unnecessary delays with your claim from the bank. please contact them immediately,
and quote your winning and personal information to the Bank in all your correspondence with the paying bank.
The latest in tricky html spam

 

 
Coded Text
 
This email arrives with obvious words you would think are blocked. Things like Viagra. how did it get through ? It is text, you can highlight it. It is not an image.
 


It is actually a fancy piece of code. As you start to highlight the words, the real text appears. You can't set your spam engine to scan for
ZsFHAEWCgeGxfBvshshbdjVDj  as the coded text changes from email to email.
 

 

Phising

There are the clever bank spam messages (Phising). Using the bank logos, the spam usually requests you logon and change your details (Hence grabbing your details).
The email might  panic you into acting, the email  saying your account details have been compromised. It might say you owe money.
 
Here is one I received from Ebay. It was followed up with an email to say I owed them money for the item and then an email from Paypal saying there was fraud on my account to pay for this item.
 
The aim was to scare me to follow the link in the email to Ebay and Paypal to resolve the issue, letting them grab my details.
 
 
 
 

 
There are lots of fake eBay payment requests for real items sold on Ebay, hoping to make money from you clicking links and putting in your soon to be stolen Ebay credentials. These and the many bank ones with the correct logo, have links that look correct but the email body is full of broken English.
 

Email that seems to come from within your company
Emails from your "customer support" or even Microsoft updates. Spammers want you to get viruses as they can turn your PC into a spamming work horse. They use these tricks to get the viruses and links to you. The spammers can get access to internal email address books and try and pretend to be your IT helpdesk and ask for your passwords. This is social engineering and considered a valid form of hackling.
 

gibberish with hidden code
 
Here is an email where only the text appears in the email but if you click on the text, it took you off to a website. It was all hidden behind an image embedded in the email.
 


<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=utf-8">
<META content="MSHTML 6.00.2800.1522" name=GENERATOR></HEAD>
<BODY bgcolor="#FFFFFA" text="#D115F3">
<a hREf=
http://afglmtd.cn/index.php?sect_id=6>
<img src="cid:LLMXQUPHXJ" border=0></a>
</p><p><font color="#FFFFFD">Bet your ass. abstract boltzmann He cackled, then moaned, then screamed.</font></p><p><font color="#FFFFF4">His face was a square of granite with a few narrow lines carved into it at the eyes and the corners of the mouth. I wouldn't be a bit surprised. "he cried, and cracked the whip, wincing. Let her have one! ""Did he drink the soda here? Trouble was, the nasty thing had a way of escaping and coming back time after time, in one form or another. The man who had done that had been free and healthy and feeling good, and had been without the wit to appreciate any of those fine things. boxy</font></p>
</BODY>
</HTML>
 

 


 

If you need more examples of ways to beat the system, look in your inbox and ponder how that spam got there. Now you are armed with information about spam and examples, now you can work towards a solution with a bit of understanding.

 

 

Help make this article easy to find for others. If you belong to one of the following Network sites, please click to vote for this page. (If you are not registered, it is free)

 

 
Del.icio.us
Digg
Technorati
Blinklist
Furl
reddit

To keep up to date you can refer to my blog

 

If you are viewing this page then these specific other pages in this series might be of interest to you:

  • Tools to remove Malware and Viruses
  • Tools to remove Malware etc but still under review by me
  • A page dedicated to helping you get the information needed to remove Malware
  • Spybot installation steps
  • How to perform an online Housecall Virus scan
  • What is Malware ?
  • Why are people using my email address?
  • How did someone steal my Email address?
  • Why is my email being blocked ?
  • How can I reduce spam ?
  • Why did I get infected ?
  • How to Handle Spam!
  • Why do I get all these bounce backs to my email address ?
  • What is a Drive-By Malware attack ?

     

     

     

     

     

        

     

         ( )

     

  •  

     

     

                                                                 This page was written and designed by Michael Jenkin 2011 ©