OCS banner and logo
Keeping clients' computers safe and profitable for over 30 years

Home Forms About Current Newsletter subscribe 
Search All Articles

Browse by Category

powered by pmc2m


Why Spam is Hard to Stop

Preview:Comflaged Villain

Why doesn't your email provider's spam filter work better? Let's look under the hood at how scammers can obfuscate their phishing attacks.

I'm sometimes asked why our email providers can't do a better job keeping spam out of our inbox. It is trickier than you might think. Check the example below. To keep their cons from showing clearly and being tracked, there are many tricks. They can intersperse white characters and a white background so they are not seen, by human eyes, but are by machines that would scan. They can also use fonts or coding that hides itself.

This is what I received. It looks legitimate. To avoid detection as spam or phishing, they obfuscate their attack. Here is their actual source code for just the top line. I've highlighted the parts that actually display to human eyes.

This obfuscation allowed them to bypass the spam checkers. Notice they have a style called 3D which is defined somewhere else but has the attribute of "display:none;". No doubt that stops it from displaying, but not from confusing programs trying to find words and phrases used in spam content.

Date: May 2024

Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.

  Please direct questions/suggestions about website to the webmaster