Spam filter evasion self-defeating?

Donncha asks, is spam self-defeating?

has anyone else noticed that the new generation of gif based stock-trading spams are getting really hard to read? In the last one I had to squint and look really carefully to find out what stock was hot and a sure-buy today!

I’ve been wondering about this, too. We continually push spammers further and further from comprehensibility, since comprehensible spam is easily-filtered spam, but the spam flood doesn’t stop. In fact, spam volumes have shot up higher than ever.

My theory is that it’s a symptom of the spam side of things being a market in itself (and an inefficient, scam-heavy one at that).

IMO, the people providing the underlying products advertised in “high-end” spam — the pill-peddlers and stock pumpers — no longer control the technical details of how or where the spam is sent. Instead, they are the customers of professional spam gangs who do that, and take care of the obfuscation, filter-evasion, etc.

In other words, the pill-peddlers and scam operators are getting ripped off, too. They think their products or scams will be advertised in a comprehensible manner, in readable emails; but instead, odd, opaque 3-word messages with “cut and paste this” lines, hidden inside filter-evasion text and bits of Project Gutenberg, are what gets delivered to the victims.

I can’t imagine the clickthrough rates are exactly stellar on that. So I’d guess the spammers are responding by pushing up volumes to attempt to increase clickthrough/sales volumes. Wonder if it’s working or not?

This entry was posted in Uncategorized and tagged , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.


  1. ben
    Posted November 25, 2006 at 00:19 | Permalink

    I do know that a lot more of that spam is getting through the filters that my services use. What I find odd is that a lot of spam which follows timeworn patterns doesn’t seem to be getting caught as I’d expect. I mean, you don’t have to be a bayesian heuristic algorithm to spot the following:

    Subject: Full of health? Then don’t click!

    Subject: Our store is your cureall!

    From: Brittney Rodriguez Subject: Brittney wrote:

    From: Brittney Rodriguez Subject: Hi it’s Brittney

    The first two have been around almost letter-for-letter for years. The last two are more recent, but when there’s a %FIRSTNAME% %LASTNAME% combination in the “From:” and the %FIRSTNAME% then appears in the Subject line, start listening for Vikings.

  2. Posted November 28, 2006 at 01:56 | Permalink

    I’m not seeing as many drug/penis enlargement spams anymore..

    so I’m guessing those vendors have determined that spam isn’t delivering the results anymore.

    I’m also guessing that the price/message delivered that a spammer can charge has been lowered, either due to increased competition from other spam groups, or the cost of setting up a website to process the people who click on them has gone up. (hence they demand better results from a spammer for a given price point)

    It would be interesting to hear from a spammer on this stuff

  3. Posted November 28, 2006 at 13:53 | Permalink

    Ian, it could be your filters are working too well for the viagra spam. I’m still seeing it, when I go digging through my spam folder… (it’s showing up with Subjects like “Re: unar” or “Re: deserve”.)

    I’ve been meaning to read the book by Spammer-X:

  4. Alex
    Posted November 29, 2006 at 09:28 | Permalink

    i get a lot of spam that doesn’t click through. I’ve been getting fake rolex spams for months and finally went to have a look. To only get sent to a broken url. Not to mention being unable to see my furry farmyard friends NAKED! Seriously though, nearly all of my spam is utter gibberish, and unless this is a new form of product placement, seems utterly pointless.