Sunday, December 2, 2007

Spammers Penetrate GMail Spam Filters

It was only a little less than a month ago that Google alleged that spammers are giving up because of GMail's hardened spam filters (which apparently employ everything from text sniffing to OCR text recognition). Google didn't give any hard numbers to back this up, and it seems that the claim doesn't reflect the situation at all. A few innovative spammers have come up with a way to bypass GMail's filters through a process that seems to be quite meticulous but ensures that the message will make it to the inbox of all GMail users, at least for now.

I checked my account today, which usually has no spam messages, and was surprised to see more than 50 new spam messages that would otherwise have been put straight into the spam folder if not for the little workaround that some of these guys have discovered. So without further ado, here's the process they used, and I will also show how to stop it from working (that is, until Google fixes this hole).


Google Puts Too Much Trust in GMail Users
For a brief while, e-mails sent from a GMail account used to bypass the GMail spam filter when sent to another GMail user. Of course spammers picked up on this and abused the crap out of it, and understandably this was fixed. But the problem still lies in the fact that GMail puts too much trust in its own servers and service. The spam loophole uses this and is as follows:
  1. They get a list of GMail email addresses.
  2. They create a new GMail account, using a generic name like John Smith, etc.
  3. Using GMail's forward feature, they forward all incoming messages to the list of GMail addresses.
  4. They send their spam message to the GMail address they created, which they then white-list so that it doesn't get sent to the spambox, thereby forwarding the e-mail to hundreds or thousands of GMail users on the list.
GMail, thinking that the message is not spam since the user white-listed it, sends it to all of the e-mail addresses listed. Since it's sending it to local users (they're all GMail users), it is sent instantaneously without passing through the spam filters and arrives in the inbox. Ingenious! For all intents and purposes, I'm going to refer to this as Forward Spam.

How to Disarm Forward SPAM
OK, so how can this be stopped? To be honest, it can't. Only Google can really stop this from happening without any direct user intervention taking place. They should make it so that users have to accept/confirm before they can have messages forwarded to them.

But here's a temporary solution. It seems that this tactic isn't very prevalent just yet (at least I'm basing that on the fact that I couldn't find anything on this as of today). The way to stop this is simple - but will require you to do it for each address being forwarded to you. At the time of this post, 2 spammers were using this tactic - so I only had to do it for 2 email addresses, but as more spammers pick up on this - it may get tedious to have to repeat this process for each spam email address being forwarded. But here it is anyways:

1. Click on the spam e-mail and get the address located in the "To" field.

2. Near the top of the page, click on the create filter link.

3. Paste the address that you copied earlier into the To box. Click Next Step.


4. In the next panel, tick the radiobox that says delete. Near the bottom of the panel, tick the box to have all other e-mails using that address deleted from your inbox. Click Create Filter to finish.

Explanation:
Basically, if you haven't used filters before, this will filter and delete any e-mails that reach your inbox via that address (which is being used to spam you). You will need to repeat this process for each address, and since setting up new accounts is tedious for spammers, this should cut down on some of the spam messages getting into your inbox with this method. They can and probably will sign up for new e-mail accounts, and you'll have to repeat this process if you're caught in the spam lists they're sending out.
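If you have more than a couple of these to deal with, step 1 can be done in bulk. The following is an added example, not part of the original post: it reads raw messages, skips anything addressed to you (including your own dotted or +tag GMail aliases), and lists the To addresses that keep showing up so you can review them before creating a delete filter for each. The sample messages and addresses are constructed, the function names are made up for this illustration, and it assumes the forwarded spam still shows the spammer's account in the To field as described above.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses

GMAIL_DOMAINS = {"gmail.com", "googlemail.com"}

def canonical(addr):
    """Lower-case; for GMail also drop '+tag' and dots, which GMail ignores."""
    local, _, domain = addr.lower().rpartition("@")
    if domain in GMAIL_DOMAINS:
        local = local.split("+", 1)[0].replace(".", "")
        domain = "gmail.com"
    return f"{local}@{domain}"

def filter_candidates(raw_messages, my_address, min_hits=2):
    """Return To: addresses seen on >= min_hits messages not addressed to us.

    These are candidates to review, not to delete blindly: mailing lists
    and BCC'd mail also arrive with someone else's address in To.
    """
    me = canonical(my_address)
    hits = Counter()
    for raw in raw_messages:
        msg = message_from_string(raw)
        to = [a for _, a in getaddresses(msg.get_all("To", [])) if "@" in a]
        cc = [a for _, a in getaddresses(msg.get_all("Cc", [])) if "@" in a]
        if any(canonical(a) == me for a in to + cc):
            continue  # addressed to us directly (aliases included)
        hits.update({a.lower() for a in to})  # count each address once per message
    return sorted(a for a, n in hits.items() if n >= min_hits)

# Constructed sample messages (not real mail, not real accounts).
MY_ADDRESS = "myname@gmail.com"
SAMPLE = [
    "From: seller@example.net\nTo: constructed.forwarder1@gmail.com\n"
    "Subject: Cheap watches\n\nbody\n",
    "From: seller2@example.net\nTo: Constructed.Forwarder1@gmail.com\n"
    "Subject: Pills\n\nbody\n",
    "From: friend@example.org\nTo: My.Name+lists@gmail.com\n"
    "Subject: Lunch\n\nbody\n",
    "From: list@example.org\nTo: announce@example.org\n"
    "Subject: Newsletter\n\nbody\n",
]

if __name__ == "__main__":
    for address in filter_candidates(SAMPLE, MY_ADDRESS):
        print("create a 'To' delete filter for:", address)
```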

For a long-term solution, harass the GMail team at Google until they do something about it.
