An old computer art form is making a comeback as a newer way to evade spam filters.
For decades, computing fans have enjoyed a form of expression called ASCII art that shows pictures or messages as a low-resolution graphic, a grid made of numerous computer characters encoded with the venerable ASCII standard. With a photo digitized with ASCII art, for example, the “#” character can represent a dark pixel and “.” a light pixel. And there are large fonts constructed from an assemblage of individual characters.
Now the technique has surfaced as a way to transmit information that’s hard for spam filters to detect–but that so far, at least, has proved relatively harmless beyond that stage.
An example of ASCII art spam.
“There’s been an upsurge in ASCII spam in the last week…It’s quite effective in getting through filters,” said Chris Boyd, director of malware research at messaging management firm FaceTime Communications.
But earlier efforts to use ASCII art for spam have proven to be duds, he added. “The downside is that 9 times out of 10, it’s completely useless because it’s almost impossible to read, or it’s a really bizarre picture of a naked lady that’s not clickable,” Boyd said.
Evasive maneuvers
Spam filters can detect the word “Viagra” and suspect Web addresses of sites trying to get rich quick by catering to the demand for the drug. But it’s another thing altogether to detect an ASCII art version of the same word. Indeed, an ASCII art spam e-mail reading “Viagra-$1.15? and “Cialis-$1.99? made it past the spam filters of my Yahoo Mail and Gmail accounts.
Google declined to comment specifically on ASCII art spam. “We expect spammers to use every means possible to try to send spam. That’s why we have a very robust spam-fighting effort at Google,” the company said in a statement. Yahoo didn’t respond to a request for comment.
Here’s why it’s clever. One line of the e-mail is “78 46 60 11 04 75 300 38 0348 18 61 55171?–gibberish that hardly resembles part of the word “Viagra” or a suspect URL. But reading it on my screen as part of the overall text, its meaning was clear to me in a flash. And a spam generation program could evade spam filter fingerprinting by randomly substituting other numbers into the text art.
Clever–but largely ineffective
The only trouble for spammers: the very reason the art spam is hard to screen out also makes it, well, somewhat impotent as a spam method.
The example spam I got, for example, didn’t include any handy URLs I could click. There was a Web address in the ASCII art, but I’d have to type it in myself. But adding an active URL to a spam-affiliated site is likely to catch the attention of the spam filter.
“They’ve got this great idea for getting past the servers, but they don’t seem to know how to employ it as effectively as they could,” Boyd said. “Combining this with effective spam techniques might be more effective” for the spammers, he said.
Another problem: With the variety of fonts, computers, and e-mail-reading applications in use today, there are good odds ASCII art spam will look like gibberish to the human reader as well as to the spam-checking filter.
ASCII art in action
Here’s an example of ASCII art from one of many Joerg Seyfferth’s ASCII text generator, one of many on the Internet.
If you're interested in learning more on how spammers work, how they send
billions of emails, you can contact me -LikeMesLolka ( Matthew Jain) on the chatbox,
I'll tell you my PGP public key.
since its notplaintext
Right now the way Bayesian Filter work, they will not be able to counter such SPAM
