The MUST-KNOWS you should know!

A simple question deserves a loooong answer!

Yes, that gibberish is both weird and - sometimes - amusing. There are even people who collect it - and I've seen at least one book based on the gibberish alone! Anyway, as to why they write the gibberish: well the spammers have 3 main tactics to avoid the spam filters on servers and in your average email client.

Typically the filters are dumb, simply looking for words like 'viagra' or 'cialis' or looking up 'blacklists' of known spammers. So firstly the spammers will deliberately mis-spell their 'products' in the subject lines or body of the email. So you get 'v1agra' or 'vi AG ra' and so on. Sometimes that's enough. However smarter filters use statistical, analytical and adaptive methods that will learn to pick out the spam from genuine email over time (ie they get better the more spam they see). Often they use Bayesian algorithms to assess the statistical probability of each email being spam. They look for key things like text length, frequency of particular keywords, and the number of targets "cc'd" in a note. Shorter emails are more likely to be spam, as are emails 'mass-mailed' to multiple similar recipients, and emails where certain keywords appear too frequently (like 'sales' or 'mortgage' or 'pharmacy' to use just 3 examples).

So the spammers reacted to smarter filters with the second tactic: padding out their emails with long slabs of "gibberish" that actually looks real; in fact it's often genuine text copied from books or genuine websites. The gibberish masks the keywords, making it harder to be certain that a particular email is spam based purely on statistics - it introduces doubt.

Lastly they have used avoidance by creating images that look like text but are in fact images. So the filters have very little to go on - they need text as image-recognition is much harder to do. Thus they can only decide black or white based on subject lines, destinations and senders, all of which can be carefully constructed by the spammer to conceal (as in using a 'genuine' subject line message like 'Hi Geraldo how's it going?') or to 'spoof' (where real email addresses or even IP packets are hijacked for spam use, often by trojans carried by spam).

Which brings me to the dangers therein. Some "GIF" images actually can conceal code, so looking at an image in your email program can invoke a simple program that could plant a trojan that then calls up other software to invade your machine, Using up to date email software usually fixes that loophole, though.

Some links embedded in spam, especially the more cunningly concealed 'phishing' type of spam, actually obscure the real intent of the link. Clicking on the link may download a small program that will load a tracking device for 'marketing research' (ie spyware), or a trojan that invokes later and may set you up with a backdoor for later nefarious use (such as using your machine as a proxy spam send-mail server). Or it could download a keystroke capturer (to get your passwords and send them 'home'). Sounds scary but all you have to do is -- avoid clicking on any link in spam!

So the rules are
(1) use the latest version of your email application
(2) don't click on links you don't trust and
(3) perhaps most importantly, get a virus checker, an anti- spyware tool and a personal firewall.

The firewall will stop attacks coming in, and will also detect the unexpected - like when your machine starts sending thousands of spam messages without your knowledge. It will in fact say, sorry, you are not a mail server and block that outbound access. Some brands I trust are the Mozilla Thunderbird email client, Check Point Integrity Flex for firewalls, Lavasoft Ad-Aware for spyware checking and Symantec/Norton AV or VET as viruscheckers. There are others, I just haven't tried 'em all.

How's that for a short answer!!!