Johannesburg, 24 Mar 2005
Experts at SophosLabs, Sophos`s global network of virus and spam analysis centres, have published a report detailing the most commonly used words that spammers include in their marketing messages but attempt to hide from anti-spam software.
A more extensive list of words that spammers most commonly disguise can be viewed at http://www.sophos.com/spaminfo/articles/spamwords.html
"Spammers have a dilemma," explained Brett Myroff, CEO of local Sophos distributor NetXactics. "They want to sell certain products or include certain phrases in their spam e-mails, but they also know that many people will have filters looking for those words and automatically junking them. For this reason they use obfuscation to try and disguise the words from the anti-spam software."
Sophos researchers have found that the vast majority of spam - up to 80% - deploys obfuscation tricks to try and disguise the words, and slip them past anti-spam software at the e-mail gateway. These tricks can be as simple as deliberately misspelling a word, or using a zero instead of the letter "o", to much more sophisticated techniques that exploit the power of HTML e-mail.
However, sophisticated anti-spam software can detect spam which contains deliberately obfuscated words and phrases and prevent it from reaching users` inboxes. For instance, Sophos PureMessage can detect more than 5 600 000 000 different ways in which the word "Viagra" can be obfuscated in a spam e-mail.
SophosLabs analysed a list of words based on the level of frequency with which they were used in spam e-mails to determine which words were most commonly obfuscated. SophosLabs estimates that over 30% of the spam it received contained URLS relating to healthcare advertisements, such as drug offers, while over 20% of URLS received had offensive content within the message, indeed sexually explicit words make up 14% of the top 50 words on the list.
"The list of words most commonly hidden by the spammers from anti-spam software reveals that most spam is about the old favourites: money, drugs and sex," continued Myroff. "It is not only essential that people keep their anti-spam software up-to-date, but that they also learn to rise up from the gutter of quick fixes and instant gratification, and resist their basic instincts to buy from spam mails. Spammers are criminals, plain and simple. If no one responded to junk e-mail, and didn`t buy products sold in this way, then spam would be as extinct as the dinosaurs."