Fun With Spam

- - posted in metrics, security, spam | Comments

Collecting Hamster Wheels of Pain is certainly a fun hobby. So is collecting the rather amusing e-mail addresses chosen by spammers to evade e-mail filters. Here are some good’uns from the 305 spam-grams from the past week:

  • Amyroh (x2; aka the name of a talented Sun Java engineer; clearly mined from apache.org dev lists)
  • brian@domain.com (x2)
    1. Michael Patterson, M.D. (“Dear valued patient: get the safest prescription at the lowest cost here.”)
  • Deandre Pryor (“Curious? Come explore”)
  • Donny Cervantes (“”Inexpensive tablets here”… yes, but are the windmills cheap too?)
  • drew.varner@oracle.com (subject: “Status”, plus viral payload. It’s not from Mary Ann…)
  • Earthlink Customer Support (x100, self-congratulatory e-mails about blocked viruses; legitimate sender)
  • eBay (“fraud alert”, with link to a not-very-disguised Australian server)
  • Elmo Glass (subject: “you travel as horsemeat”, with inline image advertising diet/sex/memory pills)
  • java2d-interest@sun.com (with Lovegate virus stripped out by Earthlink)
  • jimmy@allaire.com (subject: “owmfj”)
  • Lyle Kramer (subject: “Hello Football Raunchy Blond Mom Gets Hardcore C**tbang”)
  • Micah Becker (subject: “Re: on begin to tether”)
  • Parker Hardy (admittedly this is very funny, at least for those of you who have a memory for late 70’s primetime TV)
  • Santos McGee (Wavmokqlq@optonline.com; advertising cheap mortgages; as if anyone with a brain would entrust financial matters with someone willing to disguise their identity. Assume it was a real name: interesting wedding that must have been…)
  • Sherry Comer (subject: “That run an fondu”)
  • trebor.a.rude@lmco.com (Interesting. With my A&D background, I interpret this as “Trebor A. Rude at Lockheed Martin Corporation)

Yeeeeargh.

There aren’t any obvious patterns here, other than to note that we’ve got plenty of evasion methods on display: random dictionary constructions, website impersonation, old-fashioned come-ons and white-page-concatenation.

From a metrics standpoint, over the one-week span I’ve received 305 spams in my e-mail inbox, plus another 512 blocked by my ISP (since October 28; which equates to about 1000 weekly), for a total of about 1300 spams per week. I have perhaps received (max) 100 legitimate e-mails in the same period, and probably closer to 50. That means my e-mail inbox is over 96% spam. Swell.

Comments