I have to admit that even though spam is a waste of time, sometimes it’s really funny to see all those messages in my inbox recommending to enlarge my penis or to buy cheap viagra, and so on -how the hell they find out my needs?!?! ๐
But the true is that lately my inbox is very boring, my antispam filter is working really well and I don’t even get those messages from hot eastern European girls that want to meet me ๐
That’s why yesterday I was really happy when I received the following spam message in my inbox:
You have to admit that this message was very promising: even though I was not able to understand anything, at least it was coming from Natasha, a very nice name. But how could I contact Natasha if I don’t understand what she is saying? I took a look at the source code of the message:
So there is really nothing new. But it has to mean something, don’t you think? Then I decided to copy the text and change the size of the font, and look what I found out:
Yes! Beatiful Russian Ladie :)รย That’s perfect, so Natasha is Russian and beautiful, cool. Then, I took a look at the spam message, and I realized that the message was sent from a computer in Roubaix, France:
Weird, but who cares? This is even closer to Bilbao ๐
Well, everything is perfect now, but I could need some viagra, I’m getting old (already 34!)รย and Natasha could be really passionate. And in this moment is when I received a second message, this one was even more confusing:
I was puzzled by this message, as I could understand the words but not the meaning. Definitely the attachment seemed to be malware, even though the antivirus didn’t detect anything. But I had to know where the text was coming from before playing with the attachment, so I took a risky decision and used one of the most powerful tools that can be used: Google ;)รย So it took the first words of the message, and this was the result:
So it is a text from a book available in Google books… Now I can take a look at the attachment. Inside the zip file there’s a jpg file, a quick look to check that there is no exploit within the file and let’s see what it contains…:
Cool, now I have all that I need to meet Natasha ๐
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
4 comments
Well, i’m sure that the text included in the message it’s generated to escape from spam filters, using books as a source of correctly written text.
The image from second email looks waved and the background looks like a captcha, it’s also a technique to escape to OCR or i’m just getting to suspicious about everything? ๐
You are right, of course, and one is never too suspicious ๐
And the 1st one is using ASCII techniques to avoid spam filters, I blogged about this a couple of years ago:
http://pandalabs.pandasecurity.com/sex-in-ascii/
Well, I’m not sure what you lads are on about – captcha’s, ASCII techniques, escaping to OCR, but the blog made me smile. A big thanks to the Panda boffs helping a non-techy lady like myself sort my laptop out!!!