Sophos report reveals words that spammers most commonly try to disguise

March 22, 2005 Sophos Press Release

Experts identify "Cialis" as the top word spammers try to disguise

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centres, have published a report detailing the most commonly used words that spammers include in their marketing messages but attempt to hide from anti-spam software in order to creep into inboxes.

"Spammers have a dilemma," explained Graham Cluley, senior technology consultant for Sophos. "They want to sell certain products or include certain phrases in their spam emails, but they also know that many people will have filters looking for those words and automatically junking them. For this reason they use "obfuscation" to try and disguise the words from the anti-spam software."

Sophos researchers have found that the vast majority of spam - up to 80% - deploys obfuscation tricks to try and disguise the words, and slip them past anti-spam software at the email gateway. These tricks can be as simple as deliberately misspelling a word, or using a zero instead of the letter "o", to much more sophisticated techniques that exploit the power of HTML email.

However, sophisticated anti-spam software can detect spam which contains deliberately obfuscated words and phrases and prevent it from reaching users' inboxes. For instance, Sophos PureMessage can detect more than 5,600,000,000 different ways in which the word "Viagra" can be obfuscated in a spam email.

SophosLabs analysed a list of words based on the level of frequency with which they were used in spam email to determine which words were most commonly obfuscated. SophosLabs estimates that over 30% of the spam it received contained URLs relating to healthcare advertisements, such as drug offers, while over 20% of URLs received had offensive content within the message, indeed sexually explicit words make up 14% of the top 50 words on the list.

"The list of words most commonly hidden by the spammers from anti-spam software reveals that most spam is about the old favourites: drugs, money and sex," continued Cluley. "It is not only essential that people keep their anti-spam software up-to-date, but that they resist the temptation to buy products sold via spam emails. Spammers are criminals, plain and simple. If no-one responded to junk email, and didn't buy products sold in this way, then spam would be as extinct as the dinosaurs."

NOTE: Information contained in this report may be considered offensive by some customers.

The top 25 words most commonly obfuscated in spam emails:

  1. cialis
  2. orgasms
  3. viagra
  4. shipping
  5. milf
  6. valium
  7. pharmacy
  8. xanax
  9. increase
  10. vicodin
  11. orgasm
  12. online
  13. disclaimer
  14. rolex
  15. required
  16. remove
  17. prescription
  18. hydrocodone
  19. guaranteed
  20. cheap
  21. adobe
  22. ambien
  23. free
  24. price
  25. discount