Attackers are reinventing spam by writing subject lines and text backwards and upside-down or using different characters...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
and languages. Are there any spam filters that can detect this kind of tactic? Are there rules to put in place to ensure my antispam filter will detect this?
The antispam war has been going on since the 1990s, and the tactics for both sides have changed over the years.
One of the first methods used to help identify spam was to scan for non-English or non-native characters in the email and mark it as potential spam. This, along with other techniques, increased the confidence in marking an email as spam; many early spammers had poor English spelling and grammar skills, allowing people and antispam filters to identify spam or phishing emails. However, with time, spammers improved their techniques, using spellcheckers and editors to make emails look legitimate.
Then there was the introduction of image-based spam, and then HTML-email techniques, and eventually the intentional use of misspellings, which would be "auto-corrected" by the reader as they were reading the email, but could potentially be used to bypass antispam filters.
Brian Bebeau, a security researcher at Trustwave SpiderLabs, wrote a blog post about spammers using left-to-right text, or reversing characters, in an effort to get past antispam tools. Raw text is written in right-to-left coding, but in the HTML, the text is recoded to left-to-right so the user can read it.
While this method may help some spam evade detection, antispam tools can have rules added to them to detect right-to-left text and increase confidence that the email is spam. This is similar to the blacklist versus whitelist debate, but given the issues with blocking legitimate email, it may be more difficult to make a transition to a whitelist approach.
Other recent antispam advancements include improved reputation filtering and whitelisting legitimate SMTP servers, which can both improve spam detection.
Ask the Expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
View 10 tips for combatting spam
Catch up on enterprise spam defense
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Nick Lewis
The OurMine hacking group recently used DNS poisoning to attack WikiLeaks and take over its web address. Learn how this attack was performed from ...continue reading
Typosquatting was used by threat actors to spread malware in the NPM registry. Learn from expert Nick Lewis how this method was used and what it ...continue reading
Threat actors are using phishing email campaigns to fool users with tech support scams and fake Blue Screens of Death. Learn how these campaigns work...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.