Experts identify "Cialis" as the top word spammers try to
Experts at SophosLabs™, Sophos's global network of virus and
spam analysis centres, have published a report detailing the most
commonly used words that spammers include in their marketing
messages but attempt to hide from anti-spam software in order to
creep into inboxes.
"Spammers have a dilemma," explained Graham Cluley, senior
technology consultant for Sophos. "They want to sell certain
products or include certain phrases in their spam emails, but they
also know that many people will have filters looking for those
words and automatically junking them. For this reason they use
"obfuscation" to try and disguise the words from the anti-spam
Sophos researchers have found that the vast majority of spam -
up to 80% - deploys obfuscation tricks to try and disguise the
words, and slip them past anti-spam software at the email gateway.
These tricks can be as simple as deliberately misspelling a word,
or using a zero instead of the letter "o", to much more
sophisticated techniques that exploit the power of HTML email.
However, sophisticated anti-spam software can detect spam which
contains deliberately obfuscated words and phrases and prevent it
from reaching users' inboxes. For instance, Sophos PureMessage can detect more than
5,600,000,000 different ways in which the word "Viagra" can be
obfuscated in a spam email.
SophosLabs analysed a list of words based on the level of
frequency with which they were used in spam email to determine
which words were most commonly obfuscated. SophosLabs estimates
that over 30% of the spam it received contained URLs relating to
healthcare advertisements, such as drug offers, while over 20% of
URLs received had offensive content within the message, indeed
sexually explicit words make up 14% of the top 50 words on the
"The list of words most commonly hidden by the spammers from
anti-spam software reveals that most spam is about the old
favourites: drugs, money and sex," continued Cluley. "It is not
only essential that people keep their anti-spam software
up-to-date, but that they resist the temptation to buy products
sold via spam emails. Spammers are criminals, plain and simple. If
no-one responded to junk email, and didn't buy products sold in
this way, then spam would be as extinct as the dinosaurs."
NOTE: Information contained in this report may be
considered offensive by some customers.
The top 25 words most commonly obfuscated in spam emails:
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.