To the anti-spam researchers at Message-Labs, an e-mail filtering company, each new wave of a recent stock-pumping spam seemed like a personal affront.
The spammers were trying to circumvent the world's junk-mail filters by embedding their messages -- whether peddling something called China Digital Media for US$1.71 a share, or a "Hot Pick!" company called GroFeed for just US$0.10 -- into images.
In some ways, it was a desperate move. The images made the messages much bulkier than simple text messages, so the spammers were using more bandwidth to churn out fewer spams. But they also knew that, to filters scanning for telltale spam words in the text of e-mail messages, a picture of the words "Hot Stox!!" is significantly different from the words themselves.
So the bulk e-mailers behind this campaign seemed to calculate that they had a good chance of slipping their stock pitches past spam defenses to land in the in-boxes of
prospective customers.
It worked, but only briefly. Anti-spam developers at MessageLabs, one of several companies that essentially reroute their clients' e-mail traffic through proprietary spam-
scrubbing servers before delivering it, quickly developed a "checksum," or fingerprint, for the images, and created a filter to block them.
Advances in spam-catching techniques mean that most computer users no longer face the paralyzing crush of junk messages that began threatening the very utility of e-mail communications just a few years ago.
But spammers have hardly given up, and as they improve and adapt their techniques, network managers must still face down the pill-pushers, get-rich-quick artists and others who use billions of unwanted e-mail messages to troll for income. "For the end user, spam isn't that much of a problem anymore," said Matt Sergeant, MessageLabs' senior anti-spam technologist. "But for the network, and for people like us, it definitely is."
Shortly after MessageLabs created a filter to catch the stock spams, the images they
contained changed again.
They were now arriving with what looked to the naked eye like a gray border. Zooming in, however, the MessageLabs team discovered that the border was made up of thousands of randomly ordered dots. Indeed, every message in that particular spam campaign was generated with a new image of the border -- each with its own random array of dots.
"That was kind of cool and kind of funny," said Sergeant, a soft-spoken British transplant who spends his days helping to douse spam fires from his home office outside Toronto.
During a recent meeting at the company's New York office, in Midtown Manhattan,
Sergeant and a colleague, Nick Johnson, an anti-spam developer visiting from Message-Labs' headquarters in Gloucester, England, expressed both amusement and respect over the sheer creativity of the world's most
prolific spammers, who continue to dump hundreds of millions of junk messages into the e-mail stream each day.
"It was almost like they knew what we were doing," Sergeant said.
Several surveys -- from AOL, the Pew Internet and American Life Project and others -- have indicated that the amount of spam reaching consumer in-boxes has at least stabilized.
That is true for users whose networks are protected by off-site, third-party filtering
services like MessageLabs', as well as those protected by network software or in-house equipment that filters messages before they hit a company's e-mail server.
RSS