Google Blogoscoped

Forum

Example of sophisticated spam making it through Gmail

Brian Mingus [PersonRank 10]

Monday, November 19, 2007
12 years ago2,322 views

Bayesian methods of spam fighting have created an arms race between service providers and spammers. In the case of SpamAssasin and Gmail, the spammers have access to the system, so they are able to study it and see what gets through. It's even possible to train a Markov Generator to essentially reverse engineer the filter and generate spams that have a high likelihood of beating the filter, based on the types of things the filter lets through. I have received roughly ten spams in my Gmail inbox today, and I assume that this or something similar is the method they are using. There are no overt references to the product, fooling the bayesian process, and they all have the same form. I have modified the link so that it does not go to the original website, but as you can see, they have created a link to a Google search for which they are the top result, and then added the "I'm Feeling Lucky" redirection parameter. Gmail is completely thwarted by this method. Note that the extra e-mail header is _in_ the body of the message:

-------- BEGIN SPAM --------
Date: Sun, 18 Nov 2007 22:50:31 +0000
MIME-Version: 1.0
User-Agent: Microsoft Office Outlook, Build 13.802.50
Content-type: text/plain; charset=US-ASCII
X-MimeOLE: Produced By Microsoft MimeOLE V6.08.63.1666|

Increase your Size

google.com/search?hl=en&q= ...

quo
   weary
   omelet
   biggs
   famous
   advert
.squawk
   han
   way
   adjust
   jive
   oocyte
   olga
.
envy
   adverb
   zodiac
.

grid
   tune
.
-------- END SPAM ----------

This thread is locked as it's old... but you can create a new thread in the forum. 

Forum home

Advertisement

 
Blog  |  Forum     more >> Archive | Feed | Google's blogs | About
Advertisement

 

This site unofficially covers Google™ and more with some rights reserved. Join our forum!