[sniffer] Re: Spam no using CAPTCHA!
Hello Daniel, Wednesday, June 11, 2008, 9:19:47 AM, you wrote: Hi Everyone, I just sent a spam sample to Message Sniffer, that was using CAPTCHA, it said CIALIS in the CAPTCHA. I'm curios to see what Pete thinks of this new tactic? On first look it is simply another way to use an obfuscated image to deliver their message and should be handled the same way. Use of CAPTCHA software to create this obfuscated image is an interesting choice -- it means people making good OCR resistant CAPTCHA generators are now unintentionally helping the blackhats defeat OCR based spam filtering. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Spam no using CAPTCHA!
Fortunately, from what I've read, CAPTCHA is about worthless if effectiveness counts. Frustrating for humans and not much of a barrier to the bots. -- Original Message -- From: Colbeck, Andrew [EMAIL PROTECTED] Reply-To: Message Sniffer Community sniffer@sortmonster.com Date: Wed, 11 Jun 2008 08:48:55 -0700 ... and it also means that OCR based spam filtering is succesful enough for the spammers to adopt CAPTCHA-style text-obfuscation-in-images as an evasion method. Andrew. -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Pete McNeil Sent: Wednesday, June 11, 2008 8:18 AM To: Message Sniffer Community Subject: [sniffer] Re: Spam no using CAPTCHA! Hello Daniel, Wednesday, June 11, 2008, 9:19:47 AM, you wrote: Hi Everyone, I just sent a spam sample to Message Sniffer, that was using CAPTCHA, it said CIALIS in the CAPTCHA. I'm curios to see what Pete thinks of this new tactic? On first look it is simply another way to use an obfuscated image to deliver their message and should be handled the same way. Use of CAPTCHA software to create this obfuscated image is an interesting choice -- it means people making good OCR resistant CAPTCHA generators are now unintentionally helping the blackhats defeat OCR based spam filtering. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED] # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]
[sniffer] Re: Spam no using CAPTCHA!
Hello Andrew, Wednesday, June 11, 2008, 11:48:55 AM, you wrote: ... and it also means that OCR based spam filtering is succesful enough for the spammers to adopt CAPTCHA-style text-obfuscation-in-images as an evasion method. Possibly, but I wouldn't put too fine a point on it. It's very easy for spammers to adopt this new technique--- it may have happened just on a whim. They often try things at random just because they think it might work, or because they get an idea and start tinkering with it. In that context this is a kind of random mutation that may result in a kind of spam more fit for survival. Or it might not. Another reason for them to try this is that their current methods for modulating their images are getting old - and the artifacts associated with those methods are themselves fairly easy to detect-- so rather than invent a new way a quick easy choice is to coopt CAPTCHA and let somebody else do the work. _M -- Pete McNeil Chief Scientist, Arm Research Labs, LLC. # This message is sent to you because you are subscribed to the mailing list sniffer@sortmonster.com. To unsubscribe, E-mail to: [EMAIL PROTECTED] To switch to the DIGEST mode, E-mail to [EMAIL PROTECTED] To switch to the INDEX mode, E-mail to [EMAIL PROTECTED] Send administrative queries to [EMAIL PROTECTED]