Search the Community
Showing results for tags 'filter'.
Found 2 results
Hi all, just back after taking a summer break from baiting. I came across something I have not seen before when I sent an e-mail to the 'banker', a request to click on a link in order to have my message delivered. Supposedly the lad uses Boxbe which looks legit but I am wondering if this is a phishing attempt since the scam originated from one of my more elaborate and long-running baits. Has anyone come across this? I want to continue the bait but not if my data or privacy will be compromised! I can submit the original message as a pm if someone wants to look at it.
How did that scam/spam get past the spam filter? 1. Shoving everything in an attachment Many email providers still don't scan attachment contents; sometimes the email says "please see attachment" but sometimes the email is blank altogether Example: http://scammed.by/scam.php?id=65330 2. Adding lots of random extra characters to the email These characters are inserted between each letter of the spam email, and made very small and made be the same colour as the email background. So you can't see them. Remove the formatting, and the email looks like nonsense, and the spam filter can't detect any bad words. Look at the email below: It all makes sense, doesn't it? Now look at the email, with all the content highlighted: Both are the same email! But in the second example, you can see that text exists between each letter but the text is 'invisible'. It's very small, and the same colour as the background. So you can't see it, but the spam filter can Here's how it's done: So when you see Â¯Â¦Â§AÂ®Â©Â¯NÃ€Ã±Ã‡TÃ™Â³Ã½IÃ½Â¨Â®-Â¥Ã’Â¥AÂ·Â°ÃƒLÂªÃŠÃ•LÃ³Â¦ÃŸEÂ§ÃŠÃ¢RÃÃ—Ã§GÂ¿ÃŠÃ˜IÃ¼Â¹Ã¦CÃŠÃ«Ãš/ÂºÂ³Ã’AÃ¬Ã©Â¢SÃ³Ã©ÃŽTÃÂ¹ÂµHÃ›Ã®Â±MÂ·Ã‚Ã AÃ®Ã´Ã:. the spam filter sees Â¯Â¦Â§AÂ®Â©Â¯NÃ€Ã±Ã‡TÃ™Â³Ã½IÃ½Â¨Â®-Â¥Ã’Â¥AÂ·Â°ÃƒLÂªÃŠÃ•LÃ³Â¦ÃŸEÂ§ÃŠÃ¢RÃÃ—Ã§GÂ¿ÃŠÃ˜IÃ¼Â¹Ã¦CÃŠÃ«Ãš/ÂºÂ³Ã’AÃ¬Ã©Â¢SÃ³Ã©ÃŽTÃÂ¹ÂµHÃ›Ã®Â±MÂ·Ã‚Ã AÃ®Ã´Ã: The spam filter can't see any suspicious words there - it can't see any words at all! But maybe if the filter can't see a single word in the email, it will still think it's a spam. So what does the spammer do? He adds a random block of text to the bottom of the email for the spam filter to see. Usually this is white text on a white background, so you can't see it. Example: Example: http://scammed.by/scam.php?id=65143 3. Mis-spelling words, often using numbers not letters Often phishing emails are sent out pretending to be from Google, for example. But if the email said "Please click here to sign into your Google account" then spam filters would detect it as a phishing email. So they misspell it, like Gooogle, or G00gle Example: http://scammed.by/scam.php?id=65334 4. Very short emails asking you to reply for more details Many scams now just say something like "I have something important to discuss, please reply for more details". This is harmless text that spam-filters won't think suspicious. Once the person replies, the scammer sends the full-length scam email; but because the recipient has already emailed the scammer, the spam filter will not analyse the reply from the scammer properly. Example: http://scammed.by/scam.php?id=65287