And Now, a Special Message from Haggai H. Refocuses
David Shamah, The Jerusalem Post May 29, 2006
“Ancestors L. Pantheists.” “Redheaded Q. Spittoon.” “Sennacherib O. Collides.” Yep, they're all good buddies of mine – or would like to be, based on the amount of e-mail I get from them. They're all trying to sell me something, usually Viagra, a weight loss plan, maybe a new mortgage. All enterprising, hardworking folks, who labor day and night to make an honest buck.
In an effort to outsmart the spam filters many users have installed in their e-mail inboxes, spammers have come up with new, sophisticated methods of beating the system, from authoring e-mails with names of senders or subject titles that don't contain keywords that spam filters aren't set up to stop, to using poetry in the body of a message to throw filters “off the scent,” to the downright eerie use of names and subject titles that sound absolutely real, so real that you open the message – only to find that it's another plug for a penny stock that's “about to take off!”
Most spam consists of html messages, which almost always has a “web bug” or “beacon” (http://www.bugnosis.org/faq.html) that collects data about you and your computer when you open it up. The web bug lets the spammer know, among other things, that they've reached a “live” address, all but guaranteeing that you'll be hearing more from these folks in the near future.
Now, I ask you, would you open a message from someone named “Sport P. Fundamentalism?” Don't you already know s/he is going to be hawking something like phony Rolexes? Yes, but the funny names do get through spam filters; because they're different every time, you can't effectively insert them in advance into your “block sender” list, because you don't know what name the algorithm is going to generate next. And what if you subscribe to a sports newsletter, or are a fundamentalist preacher, or have a historical interest in Sennacherib, or are in the spittoon business? And remember – as long as sending out e-mail is free, spammers can just keep adding addresses to their mailing list ad infinitum; if just 1% of recipients open and/or respond to their message, they've had a good day (http://tinyurl.com/oxkbv). And you know that somebody, somewhere is going to want to read what a guy like “Discountenanced S. Terminable” has to say for himself.
Another trick used by spammers to get past filters is the inclusion of large portions of text in a message. The usual format is to have the html sandwiched between some prose or even poetry, on the top and bottom of the message. '"It's like being at a giant music conference 24 hours a day every day," said Greg McIntosh, 27, guitarist for Ann Arbor, Michigan-based Great Lakes Myth Society,' said one message for cheap Xanax and Valium, using a quote I traced to this AP article (http://tinyurl.com/mhcgj). Did it get through the spam filter? Indeed it did, and to boot, they inserted tiny little yellow letters in between the huge upper case XANAX and other medicine names in the message – just in case I had Xanax, or even X*a*n*a*x on my bad list (which I do). I'm not in the market for discount meds from Korea personally, but remember that 99% factor. Most of my spammer buddies seem more interested in news (I get a lot of snippets about Iraq), but the more cultured ones are trying to raise the sophistication of their market by using poetry, turning “poetry slams” into “poetry spams” (http://tinyurl.com/s33kw).
Most
of these phony text messages are either from weird folk “Mistrial
H. Fierceness” and his ilk, or from anonymous type names like
“Paxon Puckett” and “Napoleon Atkinson,” or
have subject names like “Join the Hoodia Revolution” and
“Great Gifts Ideas.” But then there the messages that
sound like they're from real people with real things to say –
and increasingly, I've noticed, even from people who sound like they
might live right down the block from me!
If the “Rainbow C. Irrelevant” school of spamming relies on the recipient's sense of humor or adventure to get him/her to open the message, the messages from guys like Ricky with the message subject “Hey,” for example, are playing the odds that they requisite 1% of readers are going to know someone name Ricky, who's the laid back cool type that would just casually jot off a message called “Hey.” And if not Ricky, maybe you know a Ralph, Alice, Ed, Trixie, or any one of other of dozens of “regular” names that somebody, somewhere in the world must be friends with. What are the odds, 99 to 1? Good enough, says the spammer (I'm betting those four names I just mentioned – e-mails I've gotten over the past month – were authored by a spammer who's a Honeymooner's fan!).
Well, lucky for me, I don't know any Ralphs et al who would tell me in a subject line that “This is a must read for your h31th.” The people I know – or whom I would expect to be writing to me, perhaps to ask me about an article or program I've written about – would be more likely named Yeshaya, Jonah, Ilana, Gershon, or Devorah, and have surnames like Ovadia, Goldberg, Sutton, Halpern and Neria. Combine these not-so generic sounding names with subject titles like “Question for you” or “Windows XP SP2,” and it's a sure thing I'll open it, believing it to be from an acquaintance or reader. I'm all for fighting spam, but I certainly don't want to miss “real” messages from real people, like this guy (http://tinyurl.com/mj2ud) who got spam-filtered out of a nice piece of business.
So imagine my shock when a message from “Haggai Davis” on the subject of “Re:Hi” turned out to be a ludicrous suggestion for some crazy operation. Obviously spam has taken a great leap forward, if “they” can now program region or country specific names and/or subjects, tailor made to greatly enhance the likelihood of the recipient opening the message. When you think about it, it's actually a bit shocking that spammers haven't gotten around to doing this before; the same database that makes sure you see Hebrew language banner ads when you're surfing sites based in Mexico are the same ones that have all the information spammers need to program information based on IP preferences - a quick perl script that even a middling programmer can write in about five minutes can generate a list of most popular first and last names for e-mail addresses in the database sent from specific IP address ranges. Remember, though, we're talking about spammers here – if they haven't bothered with programmed name/subject like before, it's because they've been getting their 1% quota (and then some) without it, or that they're very, very lazy people.
Ds@newzgeek.com