How Spammers Bypass GMail Spam Filters

GMail's spam filters are definitely better than the Hotmail or Yahoo Mail spam guards, but spammers and junk email senders have discovered a new workaround to trick the GMail spam filters and reach the recipient's GMail inbox.



The email spammer's latest trick is to embed the text in an image with a plain background and send the picture as an attachment. GMail will automatically render the image when you open the email message since the image is an attachment and not linked to an external website.

Most of this spam has a .ru domain in the sender's address and tries to sell Valium, fake Rolex watches or stock scams.

You cannot create GMail filters for it, as there isn't any text inside the email message for a filter to match on. The only option for GMail users is to click the Report Spam button, which removes the spam message from the inbox view and alerts the GMail team about the message.
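A filter does not need body text to see this pattern; the MIME structure itself (an image part with almost no accompanying text) is a usable signal. The sketch below is an added example, not code from the original post or from GMail: the 40-character threshold, the function names and the sample messages are all assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

MIN_TEXT_CHARS = 40  # assumed threshold: less text than this is treated as "no text"


def build_sample(body_text: str, with_image: bool) -> bytes:
    """Build a constructed test message (not real spam)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.ru"
    msg["To"] = "user@example.com"
    msg["Subject"] = "hello"
    msg.set_content(body_text)
    if with_image:
        # Placeholder bytes standing in for a GIF; the image is never decoded here.
        msg.add_attachment(b"GIF89a" + b"\x00" * 64, maintype="image",
                           subtype="gif", filename="a.gif")
    return msg.as_bytes()


def image_only_features(raw: bytes) -> dict:
    """Summarise MIME structure: plain-text length vs. number of image parts."""
    msg = message_from_bytes(raw, policy=policy.default)
    text_chars, images = 0, 0
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no content of their own
        if part.get_content_maintype() == "image":
            images += 1
        elif part.get_content_type() == "text/plain":
            text_chars += len(part.get_content().strip())
    return {"text_chars": text_chars, "images": images}


def looks_like_image_spam(raw: bytes) -> bool:
    """Flag messages that carry an image but almost no readable text."""
    f = image_only_features(raw)
    return f["images"] > 0 and f["text_chars"] < MIN_TEXT_CHARS


if __name__ == "__main__":
    for body, img in [("hi", True), ("hi", False)]:
        print(img, looks_like_image_spam(build_sample(body, img)))
```

A rule like this is a scoring input rather than a verdict, since legitimate photo-only mail has the same shape.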

The spam contains images spouting everything from stock scams to Viagra, and its volume has more than doubled since April, according to analysis by anti-spam vendor IronPort Systems.

Image spam is not rare anymore and accounts for 21% of all spam, compared with just 1% in late 2005. Most image-based spam comes in the form of stock scams, which contain the same basic language within a shaded box.

Find this article at: http://labnol.blogspot.com/2006/05/how-to-bypass-gmail-spam-filters.html

web: http://www.labnol.org/ email: amit@labnol.org

Reader Comments

Isn't that a very old trick? I thought that's why most email providers have a setting to disable images unless you click "display image". Is this trick able to circumvent that?

This is a silly post...

* As someone who has 386 and growing spam in my spammage email, I'm more than accustomed to these cheap tricks. One good thing is that they appear small, anyway. You don't really need to read them if you don't want to. *

I don't really know why Google can't simply block mails with non-roman letters (Chinese spam) and mails without any text at all (image spam), pre-mark .ru, .cn as spam, etc.

I've been getting loads of those exact same spam messages and not just to my gmail account. Really annoying.

for google's advancements this is a stupid 10 steps back.

As for the images blocking gmail only does it if the image is over a certain file size.

And the flood of Chinese spam is crazy.

I report as many of those as I can as phishing attacks, hopefully that'll make them take notice.

And I'm finally giving up on gmail. fastmail.fm seems more to my needs.

Pretty old

In fact it gets worse than this. You may have noticed some emails (normal text and graphic as shown in this post) which contain a small graphic. The graphic is a small rectangle and it looks just like a series of different coloured pixels. But what could this image be? Many of you will know that spam filters use a technique which is used to identify the 'finger print' of an email. Once the finger print has been established the filter uses it to identify any new email with a similar finger print and thus treats them as spam. The finger print is based on the text, wording or content of the email. However if you look closely at the emails with the small rectangular graphic you will (or probably will not) notice that there are no two graphics the same if you compare 2 emails from the same spammer. They all have a different arrangement of coloured pixels. Therefore each email is technically different. It seems that spammers are creating many emails, each with a different graphic contained and this fools most spam engines and filters.

Very annoying!

Jason
www.mee-mah.com

Wow. Spammers have been doing this trick for years. Like, before Gmail hit the scene :)

I would like to know why this article is trying to single out Gmail, this workaround will work for just about any spam filter I know of ... yahoo gmail hotmail ... etc. (correct me if I'm wrong). I'm going to have to agree that this post did not live up to my expectations. This workaround has been public for a very long time.

This is a very old trick ... and many SPAM filters will let those emails pass... (in real mail clients they even display big images and not small like gmail)

By the way, have you been to the Spam folder and looked at the other spam to be sure that none with this method were caught?

As reply to PAStheLoD:

Do you really think that Russian people with Gmail accounts would be happy to have every .ru domain blocked?
But instead you can set up a filter to block those mails yourself.

One way to solve spam in gmail is to give your address to your contacts as YourUserName+SomeSecretText@gmail.com. Set up a filter to delete all that is not sent to this address.

This is crap, gmail doesn't automatically render images.

this is funny.

I have gotten so much spam in my main gmail account that i signed up for another one.. and unfortunately, i got spam from the same people an hour after i signed up for that account.. so i just forward any email i get on my gmail account to my yahoo account that way my important messages are forwarded, and any spam that makes it to my gmail inbox, gets trashed by yahoo.. yahoo's spam filters are better anyway..

This also is the cause of another very big problem: it allows the spammers to send you more spam.

When you open the email, the image is loaded from a remote server and often they can detect when a person opens their email, and which address it was sent to, based on this. So, once they identify you as opening the email with the image spam, you will get more spam as a direct result of it. This is done using various methods, such as cookies, javascript, or html to determine where it was sent to and then who is opening it. Sort of like how they collect people who email them to unsubscribe.

Pogue - Thanks for all the comments. The good thing is that GMail doesn't load images from external server unless you tell her to do so.

I have been suffering the same spam messages too.
I've written a spam analyzer in PHP which connects to gmail, fetches spam messages, and stores the data. Then you can review the data with another script including some nice graphics. Check it out!: http://www.4tm.com.ar/4tmsite/wordpress/?p=3

Regards,
Jose.

I can't believe the comments people are leaving here. Let's clear things up:

1) This is not specific to gmail.

2) As the post CLEARLY states, "GMail will automatically render the image when you open the email message since the image is an attachment and not linked to an external website."

It's an attachment. They do not know when you open because of this. If the image was loaded from an external server then they would, but gmail (and other email programs including Outlook and Yahoo!) don't show remotely linked images by default for exactly this reason (and I guess because they could show something offensive).

3) As for the little pixel sized graphics - these are used for tracking, but are not shown by default, so in fact it does not "get worse than this."

4) YourUserName+SomeSecretText@gmail.com doesn't work because spammers know to strip everything after and including the '+' in gmail addresses. What you can do is register a domain name (somename.com) and when you sign up for something (say www.ilovedogs.com), give them the email address ilovedogs@somename.com . Set up mail forwarding to your gmail (or whatever) account with whoever is hosting your domain (make it so you get anything that's sent to any address at your domain). Then you'll see where the spam is coming from. It's very possible that they just guessed your email address.

As an aside, I've caught exactly one company (Ameritrade) using this. And their spam is exactly the kind discussed here.

Hide text into images on http://www.ImageGenerator.org ;)

I have FuzzyOCR working from within SA to handle this kind of thing.

Well, I finally had enough crap from spammers, and I finally just said enough is enough. I will tell you how I took back control of my inbox. I simply added a human validator to my filters.

Go to your filters settings and create a rule that simply states if the message doesn't contain (insert your own codeword) skip the inbox and delete it.

Now you may think what about the subscriptions I want. Well use a filter for each one and let them through.

I highly suggest you use a combination of numbers, letters, and non-alphanumeric characters (#$%^&, etc) to make sure the password is strong and something that a bot will never figure out.

UNDER NO CIRCUMSTANCES SHOULD YOU EVER GIVE THIS TO ANYONE YOU DO NOT TRUST COMPLETELY.

DO THIS, and you won't be sorry.

Why don't email providers use honey pots to fight spam? I mean Gmail can allocate 10,000 accounts out there and spread them across the Internet just like normal users.
Any email that ends up directed to those particular accounts gets filtered by Gmail because obviously it is spam. Make sure that those accounts are just listed and do not carry any activity.
I bet this will block billions of spam emails.

Finally a way to track those spam messages coming to gmail. Some of the spammers use spam bots to send viagra and porn messages to your email. Some of the ways they avoid being caught is by hiding their IP address, or using multiple email addresses. One of the ways you trace back the messages and report abuse to the source is this: downloading email tracker pro.
With this program it shows you a GPS view of the country the spammer is located in, and it shows his IP address, and other useful information.

sounds like gmail needs a img reader like office 07 onenote has
