Welcome to mickyj.com

Why can't I stop all this spam ???
- Because spammers are always finding new ways to make money! They are very clever. When you find a way to stop their spam, it stops their income stream and they are driven to find another way to get the spam into your inbox.
- In addition, your antispam methods might not be up to the task.
Why do spammers bother? I am never going to buy the Viagra or request the relevant surgery to my appendages!
It is a fact that 1 in 10,000 people buy from spam. If the spammer sends out millions of spam emails for free (having compromised someone's PC and using their resources, either by hacking, a virus, rootkit or other Malware) then they only need a few people to buy those replica Rolexes and their campaign has paid for itself. This is a lazy way to make a very good income at someone else's expense.
How do they know I am here?
Some spam emails hide beacons in their code and when you open one, they know your email address is valid. If you try to unsubscribe, they know your email address is valid. The final result is that they can sell your email address, among others, to other marketing companies, having verified that you exist. Never reply to a spammer.
Where did the spam come from and how come it knows I am buying a car or need a loan?
Ever filled in a survey? A lot of online surveys seem innocent as they only ask you for 1/3 of your private details. They might say they need your street number for analysis reasons but do not ask you for the suburb or street name. Then you do another two surveys later where they ask you for the other details (and you have forgotten about the first survey). They build up a dossier on you. The surveys might even come from different companies.
The rule here: only fill in details in places where you trust the site and where you went to the site yourself, not from a link (especially a link in an email). This helps lessen the chance of phishing (this usually involves fake websites and emails spelt similarly to the real site and using its logos, but it is malicious).
There might also be Malware involved, watching your emails, watching what websites you frequently use and finding out about your likes and dislikes. You need to check your machine for Malware and viruses regularly.
Other general rules
Remember not to use the unsubscribe links in spam. It is a clear sign you exist. Do not use your email address on the internet on websites or forums. Sign off in forums etc. on the web using contact details like "mickyj(at)micky.com", mickyj@nospam-removethis.mickyj.com and other creative ways of hiding your email (humans can decipher these tricks; spam gathering tools usually fail). If you use your email address online on your own personal or company website, ask your developer to use a picture made up of your email address and link it to a server side CGI script (programming). Programmed robots trawling about are clever and can parse (read and scrutinize) your websites looking for the "@" symbol and the words either side of it. They harvest your email addresses and hit you with spam.
(Ever Googled your email address? Try it. For some people, including me, it is scary.)
How can I stop the spam and get 99%, even 100%, of it trapped and filtered?
There are only two ways I know of. The first is to use white lists: lists of people you know and will accept emails from. Everyone else is blocked and you never see their emails. You still need to run antispam over your email (even when using white lists) as address books are constantly being stolen and you might get spam from the address of a person you know.
You can also use services where the first email from anyone is quarantined and not released until you accept them as a valid person or the sender sends a second email to prove they are real, not a spammer or robotic programmed tool sending out rubbish. To a lesser extent, people use black lists and block certain names but, as names are forged and randomly generated, it is pointless.
Some people subscribe to services that block email from known spamming computers and servers, in effect blacklisting specific originating PCs. This works but, more often than not, blocks real emails. There is one service that seems to work: a filtering service. These services are usually worldwide and have lots of staff trawling through thousands and thousands of spam emails every hour, looking for trends and then updating a central database that replicates out across the world and then filters your emails. These services are great, but often very expensive. The service companies need to pay the staff looking through the emails, so it is very costly in money and time.
What else can I do?
There are cheaper software solutions (like Trend Micro server based products) you can put onto networks, and the latest mail servers have their own tools (like the Microsoft Exchange Intelligent mail filter and recipient filtering). There are also products like Spam Bayes and other free tools for home computers.
I have network protection software but still the spam keeps coming ....
OK, so you install something like Trend Micro ScanMail Antispam, Trend Micro Internet messaging and security suite and Exchange IMF. With all this and the Outlook Junk filters, why do I still get spam? How do I stop it?
Without using a white list or an external service, you need to understand what you are facing.
Here is where it gets hard. Antispam software tools work on rules and trends. They cannot react as fast as the antispam services and rely on you not only updating the antispam databases but also putting in your own rules if you see a trend.
You have to get into the head of a spammer to make these rules. They want their email to get through. They want the dollars to start appearing in their bank accounts. They want to rip you off and if you find a solution to get around their spam, they will find another way to get in front of you. It is a constant tug of war.
Here are some examples so that you can see how this Global Graffiti gets to you. (This is by no means a complete list. New ways to get spam into your inbox are created daily.)
Html based email with web based content
Spam has most recently appeared as an email container with embedded html items. This pulls the content down from the web live when you view or preview the email, and spam filters cannot filter it in real time because it populates in your preview pane, not at the point where the email server received it. This means you received no more than an html text file in your email with no content. I have blocked this for some servers by stopping html emails coming in or turning on heuristics in the mail filters. This means we stopped 90% of spam, but real emails that contained html content got stopped too. Not a good solution unless you have a major outbreak.
Forward and reply spam
I have seen a lot of "reply" and "forward" spam. Spam filters detected the RE: and FW: in the subjects of emails and then checked that, in the body of the email, there really was an email being replied to. Now the spammers have started placing a reply in the bodies so that the spam can no longer be stopped. It looks like a legitimate reply.
Example:
From: spammer@spam.com
Sent: Saturday, November 04, 2006 12:56 PM
To: mickyj@mickyj.com
Subject: RE: Request for pricing
Get your Viagra at 1/2 price. That is right ! Click HERE to collect
-----Original Message-----
From: mickyj@mickyj.com
Sent: Saturday, November 04, 2006 12:56 PM
To: spammer@spam.com
Subject: Request for pricing
Please send me your latest price list
ASCII Spam
Then comes the ASCII spam. This gets through the filters easily. We tell the filters not to let things like "Viagra" and other words through but the spammers throw us a curve ball. We can't block words made up from random keystrokes that overall spell a word.

As another example
Yes, this is made up from very small font characters like full stop and semicolon. On top of this, they spread their words out with characters in between.
Misspelled words
Then the spammer misspells key words and abuses our senses with badly formed English sentences and grammar. It used to be that if you scanned for the word "teen" or "girl" in the subject you could remove most of the spam. Now it is "Grl" and "Gr8t Grl".
All-natural doctor approved peenis
enlragement formula for guaranteed
and permanent peenis gains has finally become a reality!!! With
Penis Gr0wth
P a t c h Rx, you can finally add up to 3 inches to your peniis
size within
6 months!!!
|
Character substitution
Viagra is easy to block as a word. Then spammers use V1agra or V!agra. Then it is V_1agra. You can't possibly have every variation without starting to stop real emails by accident.
|
All-natural doctor approved peenis
enlragement formula for guaranteed
and permanent peenis gains has finally become a reality!!! With
Penis Gr0wth
P a t c h Rx, you can finally add up to 3 inches to your peniis
size within
6 months!!!


It's better to be silent and
thought a fool, then to speak up and remove all doubt. But
an unwatched kettle over boils! God is a living God.
====================================
When choosing a peniz
en1argement method, there are many MANY options these days.
But very few are worth the money. In fact, most are full
blown scams!
PENIZ GRO,WTH PA,TCHES are the
newest and safest patch you can buy.
Millions of men are already
applying male enhan(ement patch,es daily and watching their
size and drive go through the roof! P,atches deliver the
product into your system in a quicker and more efficient
manner than a pi11 ever could. They are also safer and more
discrete!
En1arge Pat,ch Rx is simply the
best patc,h you will find, anywhere! Millions of men are
taking advantage of this revolutionary product - don't be
left behind!
Unreal price dis(ounts we are
offering for a 1imited time only!
|
How can we determine all the variables ?
Gibberish Spam
Then there are the gibberish spams, which have a message when read in Outlook but, to the spam filter, are populated with other words that hide the message, like:
Anyone can be hit and you have
no recourse, it was only by accident that I found out at
all. By the fourth season, Family Guy was slick, and almost
predictable. example : adsense Google , revenuepilot. You
have to bring extra skills to the table. For example, my
real name is Kathy but when I apply for jobs I go by the
name Super-Retro-Sexy-Pantihose Girl.
King of the Hill got such a late start because the series
wasn't renewed until the last. He's also most likely to be
much more responsive to requests for new features and
enhancements, especially if they're accompanied by patches.
If only humans found meat hor d'oeuvres to be so intensely
mesmerising. Like, in this instance the fortitude and
foresight to put giant lovehearts on an otherwise mundane
headset. Stop by and request your FREE LAVENDER POWER BEADED
Bracelet and join the fight for Domestic Harmony. They
devour books not one at a time but many across vast
different fields. This incident is indicative of googles
power in controlling what input is allowed into peoples
minds.
If you know what's good for you and your pet's jaded palate,
you will enrol yourself in a dog food cookery class faster
than it takes for Lindsay Lohan to break up with her newest
boyfriend. Anyone can be hit and you have no recourse, it
was only by accident that I found out at all.
This article describes the SQL experiences - positive and
negative - and outlines some of the advice that I've
encountered from different sources. The last thing I want to
do is freak the interviewer out.
I also make sure that my cape is long to create aerodynamic
lift but short enough to show off my ass. With luck and the
help of the community, Advogato may well continue for years
to come.
Create a blog with blogger.
|
Common spam words as images
Then they embed words as an image.
A spell checker can't detect a spelling error in an image, so how would a spam engine be able to determine the contents? (They can now with OCR, but this can also be bypassed.)
If you carefully place images correctly, you would never know half the email is text but key words are images.
Non English Characters.
My all-time favorite. A message that does not appear to have anything wrong with it but actually gets through the filter because it has Chinese characters between the letters.
As most of us do not have the correct fonts installed, Outlook just shows us the English.
They can hide Cyrillic, Russian or Chinese characters between the letters. The spam filter sees all the characters (which look like gibberish and do not match any filters) but Outlook only shows us the English.
This means the spam filter lets through
Vci IvAbGdnRdjnA
as it does not look like the word VIAGRA, but Outlook hides the
ci vbdndjn
and we see it plainly before us.
Then the blatant text we can not read
Spaced out letters
Again, we can read this but the spam filter sees letters separated by tabs and spaces.
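Added example (not part of the original article): rather than listing every variation of a blocked word, a filter can reduce each token to a canonical form before matching. This sketch covers the character substitution, spaced out letters and characters-between-letters tricks described above; the blocklist, the substitution table and the test lines are constructed for illustration, and transposed or dropped letters ("enlragement", "Grl") are not handled.

```python
import re
import unicodedata

# Constructed sample blocklist; a real filter would load its own word list.
BLOCKLIST = {"viagra", "patch", "growth", "rolex"}

# Look-alike characters taken from the samples above. "1" is ambiguous
# (V1agra -> i, pi11 -> l), so both readings are tried below.
SUBST = {"0": "o", "!": "i", "3": "e", "4": "a", "@": "a", "$": "s", "(": "c"}


def squeeze(word):
    """Collapse repeated letters so 'patcch' and 'patch' compare equal."""
    return re.sub(r"(.)\1+", r"\1", word)


SQUEEZED = {squeeze(word): word for word in BLOCKLIST}


def tokens(text):
    """Split on whitespace, re-joining runs of 3+ single characters ('P a t c h')."""
    out, run = [], []

    def flush():
        if len(run) >= 3:
            out.append("".join(run))
        else:
            out.extend(run)
        run.clear()

    for tok in text.split():
        if len(tok) == 1:
            run.append(tok)
        else:
            flush()
            out.append(tok)
    flush()
    return out


def canonical_forms(token):
    """Return the plain a-z readings of one token, with repeats squeezed."""
    token = unicodedata.normalize("NFKC", token).lower()
    if re.search(r"[a-z]", token):
        # Foreign-script or invisible characters wedged between Latin letters.
        token = "".join(ch for ch in token if ord(ch) < 128)
    token = "".join(SUBST.get(ch, ch) for ch in token)
    forms = set()
    for reading in ("i", "l"):
        letters = re.sub(r"[^a-z]", "", token.replace("1", reading))
        if letters:
            forms.add(squeeze(letters))
    return forms


def find_blocked(text):
    """Return the blocklist words hidden in text, sorted."""
    hits = set()
    for tok in tokens(text):
        for form in canonical_forms(tok):
            if form in SQUEEZED:
                hits.add(SQUEEZED[form])
    return sorted(hits)


if __name__ == "__main__":
    # Constructed test lines modelled on the samples in this article.
    for line in ["Cheap V1agra, V!agra and V_1agra", "Gr0wth P a t c h Rx",
                 "V\u4e2di\u6587a\u200bg\u5b57r\u7b26a today",
                 "sent via grand central"]:
        print(repr(line), "->", find_blocked(line))
```

Only runs of single characters are re-joined, so ordinary neighbouring words such as "via grand" are never glued together into a false match. Squeezing repeated letters can still make two different words compare equal, so a blocklist used this way needs checking against real mail.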
Image Spam
There are the Rolex spams where the entire body of the email is one big picture.
Random text with image
Just enough text to appear to be a real email, but then there is the attached image. Random subjects, random bodies, random nonsense.
|
aerial some
kingpin try stanza ! alan in gainful some evolution see
corral try arhat see land , novitiate or lest but opium on
completion or walls or jean and spinach see healy not
aventine , fourteenth ! diversify the proprietor see normal
it hebephrenic on copenhagen in compacter on moe some
offstage
it's initiate in commodious and mosaic it level the
argumentative a bray it epidermis a bhutan try bootlegger a
miscellaneous it's firewall and congresswomen may wink may
donkey on gloomy try bestubble and downspout see uremia in
waylaid it baird try eddie and woke , innocent may iraq not
suburbia it
awash but
razor see pyrotechnic in rangy and archangel in lucille a
osiris , agricola it brookside it's canny or menopause or
dilate or workout but suicidal may judson and curia a
circumference see nevins not glut it teammate see sharon see
bing may belove but throughout and bridgewater may quintet
some
And drugs with subjects like RE: Warning, RE: Important, FW: Urgent reply required

, you raised your hand if
you thought she had, left it down if you thought she had
blown it.
I guess I dont want to write
after all; I think Ill just take an extra pill and go to
bed. Like an idol, she gave only one thing: a feeling of
unease deepening steadily toward terror.
|
There are the loans or medical procedures you never applied for
Someone designed an on-the-fly spam tool for reading images. The spammers then went to images with lines and other items through them. This was to make the spam harder to OCR.

And another ...

Then they started throwing in splashes of colour, wavy fonts and random sub text like:
|

one giant sphincter that
everything must squeeze through? That could be as a data
store for properties on AJAX enabled web pages and those
properties don't belong in the session after the visitor
navigates to another page on my website.
Kahan recently wrote to MySpace
complaining that friends and family members of death row
inmates were creating MySpace pages for them as a kind of
tribute. So, what's your social media score? Let's shove the
bacon up some you know what.
It wont throw an exception if
the key is not present in the Session.
Does your company reward
entrepeneurial behavior from within the organization? Inside
you can keep track of your trusted network, find others
through your network with similar interests or situations.
Let's shove the bacon up some you know what. Has senior
management stopped making jokes whenever a junior staffer
mentions the word "wiki" in a meeting?
Take your ads and try them in
different landing page configurations, use the data to find
out what incarnation produces the high conversion rate.
Let's shove the bacon up some
you know what.
They, in fact, outnumber the
women.
Ulle encourages publishers to
think of their target audience as a bell curve, and write to
the peak of the curve.
He noted that, traditionally,
longer letters have achieved better long-term results with
customers.
However, if it were not for
several outstanding women and their guidance, I would not be
here now. Yet as we have seen in most of our successful
client situations, a company that "gets it" is usually
driven by one or two passionate individuals who have decided
to lead the charge on social media.
Certainly no criteria could
please everyone; offensive profiles would still exist.
How can you best get over that
barrier?
Inside you
can keep track of your trusted network, find others through
your network with similar interests or situations.
|
Hidden characters and text
Here is an email I received that looks normal until you try to forward it (this is obviously spam).
Forwarding it reveals a much more sinister email. This is in fact a dangerous email and I was cautious enough not to click the link, which would have caused mayhem.
Stock image spam
Then there is the stock spam where a simple gif, jpg, pcx or png file was embedded in the body. No spam filters could OCR or read the spam at the time.
This meant companies started blocking emails with image attachments. This was not a good solution.
Substitution and hidden text like:
Text that is on the page but in a white font or some other cloaking method.
Notice the blue lines at the end where I highlighted the hidden white text with my mouse (as if to cut and paste - dragged the mouse over it).
Promises of money
|
U.S.A MEGA MILLIONS
INTERNATIONAL LOTTERY. FROM:INTERNATIONAL PROMOTION/PRIZE
AWARD DEPT.
REFERENCE: 67/80/IPD
BATCH: EGGS-541-623-782:
RE: WINNING NOTIFICATION/FINAL
NOTICE
Sir/Madam,
We are
pleased to inform you of the result of the 50 millions
United State Of America Lottery Winners International E-mail
programs held on the 16TH Of October and result where
release on the 1ST Of NOVEMBER 2006.
Your E-mail
address attached to ticket number 653-908-321-675 with
serial main number
345-790-241-671 drew lucky star numbers 34-32-90-43-32 which
consequently won in the 2ND
category, you have therefore
been approved for a lump sum pay out of $1.000.000.00 ( One
Million Dollars).
CONGRATULATIONS!!!
Due to mix
up of some numbers and names, we ask that you keep your
winning information
confidential until your claims has been processed and your
award remitted to you. This is
part of our
security protocol to avoid double claiming and unwarranted
abuse of this program
by some
participants. All participants were selected through a
computer ballot system drawn
from over
100,000 company and 50,000,000 individual email addresses
and names from all over
the world.
This
lottery was promoted and sponsored by United State Of
America International Lottery board in order to enhance and
promote the use of Internet Explorer Users and
Microsoft-wares around the globe.
This
promotional program takes place once in three years. We hope
with part of your winning
you will take part in our end of
year 50 millions United State Of America International
Lottery.
To file for your claim,please
contact our Fiducial Agent.(CLAIM AGENT)
|
|
Europe
Million Lottery Inter.
Osdroplien 450, 1120AH ,
Belgium.
Affiliate of Europe National Lottery.
Sir/Madam,
CONGRATULATIONS: YOU WON 1,000,000.00.
We are
pleased to inform you of the result of Europe National
Lottery which was held on the 15th, November 2006. Your
e-mail address attached
to
e-ticket number: 834509819, with Prize Number: 237359446
drew a prize of 1,000,000.00 (One Million Euros).
This
lucky draw came first in the 2nd Category of the
Sweepstake. You will receive the sum of 1,000,000.00
(One Million Euros) from
our
authorized bank.Because of some mix-up with sweepstake
prizes, including the time limited placed on the payment
of your prize: 1,000,000.00,
we
advice that you keep all information about this prize
confidential until your funds: 1,000,000.00 have been
transferred to you by our bank.
You
must adhere to this instruction, strictly, to avoid any
delay with the release of your funds to your person.
This program has
been
abused severally in past, so we are doing our best to
forestall further occurrence of false claims. This
sweepstake was conducted
under
the watchful eyes of 8,000 spectators. Your e-mail
address was selected and came out first by a e-ballot
draw from over
250,000
e-mail addresses (personal and corporate e-mail
addresses).
This
program is sponsored by CFI Networks to compensate
faithful internet suffers around the globe.
Congratulations for becoming
one of
the few lucky winners.With your permission, your e-mail
will also be included in the next sweepstake of
5Million.
You
must claim your prize: 1,000,000.00 not later than
14-days from the moment you receive this e-mail.
In
order to avoid unnecessary delays with your claim from
the bank. please contact them immediately,
and
quote your winning and personal information to the Bank
in all your correspondence with the paying bank.
The latest in tricky html spam
|
Coded Text
This email arrives with obvious words you would think are blocked, things like Viagra. How did it get through? It is text, you can highlight it. It is not an image. It is actually a fancy piece of code. As you start to highlight the words, the real text appears. You can't set your spam engine to scan for ZsFHAEWCgeGxfBvshshbdjVDj as the coded text changes from email to email.
There are the clever bank spam messages (phishing). Using the bank logos, the spam usually requests that you log on and change your details (hence grabbing your details).
The email might panic you into acting, saying your account details have been compromised. It might say you owe money.
Here is one I received from Ebay. It was followed up with an email to say I owed them money for the item and then an email from Paypal saying there was fraud on my account to pay for this item.
The aim was to scare me into following the link in the email to Ebay and Paypal to resolve the issue, letting them grab my details.
There are lots of fake eBay payment requests for real items sold on Ebay, hoping to make money from you clicking links and putting in your soon to be stolen Ebay credentials. These, and the many bank ones with the correct logo, have links that look correct but the email body is full of broken English.
Email that seems to come from within your company
Emails from your "customer support" or even Microsoft updates. Spammers want you to get viruses as they can turn your PC into a spamming work horse. They use these tricks to get the viruses and links to you. The spammers can get access to internal email address books and try to pretend to be your IT helpdesk and ask for your passwords. This is social engineering and is considered a valid form of hacking.
Gibberish with hidden code
Here is an email where only the text appears in the email but, if you clicked on the text, it took you off to a website. It was all hidden behind an image embedded in the email.
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=utf-8">
<META content="MSHTML 6.00.2800.1522" name=GENERATOR></HEAD>
<BODY bgcolor="#FFFFFA" text="#D115F3">
<a hREf=http://afglmtd.cn/index.php?sect_id=6>
<img src="cid:LLMXQUPHXJ" border=0></a>
</p><p><font color="#FFFFFD">Bet your ass. abstract boltzmann He
cackled, then moaned, then screamed.</font></p><p><font
color="#FFFFF4">His face was a square of granite with a few narrow lines
carved into it at the eyes and the corners of the mouth. I wouldn't be a
bit surprised. "he cried, and cracked the whip, wincing. Let her have
one! ""Did he drink the soda here? Trouble was, the nasty thing had a
way of escaping and coming back time after time, in one form or another.
The man who had done that had been free and healthy and feeling good,
and had been without the wit to appreciate any of those fine things.
boxy</font></p>
</BODY>
</HTML>
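Added example (not part of the original article): a check for the pattern in the message above, where the filler text is coloured almost the same as the background and the only thing a reader can see is an image wrapped in a link. The tolerance value, the function names and the sample message (with a placeholder host) are assumptions made for illustration; only <body> and <font> colour attributes are examined, not CSS.

```python
from html.parser import HTMLParser


def parse_color(value):
    """'#RRGGBB' -> (r, g, b), or None (named colours are not handled here)."""
    value = (value or "").strip().lstrip("#")
    try:
        return tuple(int(value[i:i + 2], 16) for i in (0, 2, 4)) if len(value) == 6 else None
    except ValueError:
        return None


class HiddenTextScanner(HTMLParser):
    """Separates text a reader can see from text coloured like the background."""

    def __init__(self, tolerance=16):
        super().__init__()
        self.tolerance = tolerance        # max per-channel difference (assumed)
        self.background = (255, 255, 255)
        self.default_color = (0, 0, 0)
        self.font_colors = []             # stack of open <font color=...>
        self.href = None                  # target of the <a> we are inside
        self.hidden, self.visible, self.linked_images = [], [], []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "body":
            self.background = parse_color(attrs.get("bgcolor")) or self.background
            self.default_color = parse_color(attrs.get("text")) or self.default_color
        elif tag == "font":
            current = self.font_colors[-1] if self.font_colors else self.default_color
            self.font_colors.append(parse_color(attrs.get("color")) or current)
        elif tag == "a":
            self.href = attrs.get("href")
        elif tag == "img" and self.href:
            self.linked_images.append((self.href, attrs.get("src")))

    def handle_endtag(self, tag):
        if tag == "font" and self.font_colors:
            self.font_colors.pop()
        elif tag == "a":
            self.href = None

    def handle_data(self, data):
        text = data.strip()
        if not text:
            return
        color = self.font_colors[-1] if self.font_colors else self.default_color
        faint = all(abs(c - b) <= self.tolerance for c, b in zip(color, self.background))
        (self.hidden if faint else self.visible).append(text)


def scan(html):
    """Summarise one HTML body; 'suspicious' means invisible filler plus a linked image."""
    scanner = HiddenTextScanner()
    scanner.feed(html)
    scanner.close()
    hidden = sum(len(t) for t in scanner.hidden)
    visible = sum(len(t) for t in scanner.visible)
    return {
        "hidden_chars": hidden,
        "visible_chars": visible,
        "linked_images": scanner.linked_images,
        "suspicious": hidden > 0 and visible == 0 and bool(scanner.linked_images),
    }


# Constructed sample modelled on the message above; the host is a placeholder.
SPAM = """<html><body bgcolor="#FFFFFA" text="#D115F3">
<a href="http://spam.example.invalid/index.php"><img src="cid:IMAGE1" border=0></a>
<p><font color="#FFFFFD">He cackled, then moaned, then screamed.</font></p>
</body></html>"""

if __name__ == "__main__":
    print(scan(SPAM))
```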
If you need more examples of ways to beat the system, look in your inbox and ponder how that spam got there. Now that you are armed with information about spam and examples, you can work towards a solution with a bit of understanding.