The Wall Street Journal reports on a new type of spam 
that has been doing the rounds for the past few weeks.
This is not the “image spam” plague, but something else. Spammers are loading up inboxes with emails containing short extracts from authors like J.R.R. Tolkien, Alexander Dumas and Daniel Defoe.
Sometimes called “empty spam” because it contains no advertising pitch or offers or phishing attempts, this type is on the rise according to IronPort Systems . I can’t find an IronPort press release to confirm the figures, but the WSJ says that,
the number of empty spam messages has almost doubled to 4% of all spam email in recent weeks, according to IronPort Systems…. For a few days in June, it peaked at 40% of all spam.
Theories about the motivation behind “empty spam” messages vary. Some suggest that it is an attempt to confuse spam filters so that more malicious spam will slip through later.
Others point to a possible breakdown of communication between spam host servers and the virus-infected “zombie” computers that circulate the spam more widely. When communication breaks down, the zombies continue to send the “hashbusting” text that helps spam make it past the filters but without the “active package” which contains the advertising offer or phishing scam.
Unlike “image spam”, I haven’t seen any of this “empty spam” myself.
I have definitely seen this type of spam. I have seen two forms of it. One where the whole body of the message is empty, and the other where it appears to be a personal note to me (but the message appears to be computer generated)
I believe I read recently that spammers are currently in the process of creating and/or updating massive databases of known-good email addresses to sell to other spammers. The idea is just to blanket everyone with these emails- the sole purpose is to see if a given email address gets bounced back by the server as unknown or bad- if it does not bounce back, they know it’s a real email address and add it to the database… and sell your email address to yet another spammer.
The ultimate result will be an exponential increase in spam.
If what Dave says is true. is there a way for mail to send a message to an image file e-mail address to fake the bounce back to effectively hide your e-mail address from these guys. Cause it’s starting to get ridiculous.
I wish I could charge everyone a nickel for sending me an e-mail. Even if the ISP just kept the cash to pay off my Internet bill I’d be happy.
mcloki, you can use Apple Mail’s Bounce feature to manually bounce spam back to the sender- they will receive a message that your email address had “fatal errors” or something like that. if you do this you may get a “mail undeliverable” message back- spam usually has some spoofed email headers in it- but that’s OK. Presumably the spammer will still get a copy of the error message.
You should also leave “display remote HTML images” turned OFF by default in Mail Preferences. Lots of spam has images which automatically load from the spammers’ servers when you open the email- this sends a signal back to their server that your email address is a “good one”, and you go on their list.
This means that Mail will display a Load Images button up in the right corner of every email with images, and you will have to click it to see the graphics on any legit email you want to see- but to my mind this is a minor inconvenience.
I’m sure you’ve noticed, if you use the display pane in Mail, that you can’t click on an email without displaying it’s contents. But if you double- click on the bar that separates the list of emails from the display pane, this will close the display pane. You can then select any email without opening it- to bounce it, or whatever. Then just double-click again to reopen it.
I’ve been getting a lot of this empty mail from my website contact form. The browser is usually set to something generic like ‘Browser: Mozilla/4.0′ so now I’m filtering them out. If you use any normal browser, it’ll identify itself more than just ‘Browser: Mozilla/4.0′
Dave, Unfortunately, the “bounce” command won’t have the desired affect. The spammers are looking for SMTP error messages during the SMTP connection, when they can get an actual response. Unfortunately, unless you run your own mail server, you don’t have control over this. If your ISP uses Cyrus IMAP, ask them about Sieve – which is server side filtering that can handle some of this for you (depending on the configuration).
If you’re geting a specific type of spam, also ask your ISP about sending them the full message so that they can tweak their spam settings.
[...] Sometimes called “empty spam†because it contains no advertising pitch or offers or phishing attempts, this type….[Read the Rest] [...]
[...] I woke up this morning to find about 18 emails in my Gmail Inbox that were spam. I had caught a blurb on Slashdot yesterday about a new wave of spam but didn’t think it would get to me. It did. The way it seems to be working is they paste a bunch of text from a novel of some sort and then attach an image with the spam message in it. [...]