undefined | Better HN

0 pointsljp_2063y ago0 comments

As soon as you suggested that such an embedded PNG may only work on an older client, a lightbulb went off for me.

Most spam is predicated on attacking those too technologically literate to vet the attack. A smart scammer could create an email that would go under the radar of more modern client users, who are likely to report the message as spam and reduce the scammer's reach. If the message only works in older clients used by softer targets, then their chances of success are increased.

If this is the intended method of the attack, it's quite clever. Imagine if you could still blanket spam every email you come across, but only target users with old, outdated clients, who are likely older, less technologically savvy, etc... It would be well worth the R&D time.

Such reasoning follows the theory that spam messages include many typos in order to weed out 'smart' users, who are not desirable targets anyway.

0 comments

logifail3y ago

> likely to report the message as spam and reduce the scammer's reach

Q: Is reporting spam (and if so, to whom?) actually of benefit? If so, how?

If you "report" spam at Gmail or in Office 365, what actually happens?

Does some magic kick in and move - in real time - all identical (similar?) messages out of Inboxes and into Spam folders across the globe? Or is it more about training filters for the next wave?

35mm3y ago

> Does some magic kick in and move - in real time - all identical (similar?) messages out of Inboxes and into Spam folders across the globe?

Not exactly. But the domain they are sending from will get added to shared blacklists.

Spammers don’t send all in one go, so that same message going out to the next batch of people could be stopped.

logifail3y ago

> Not exactly. But the domain they are sending from will get added to shared blacklists.

In real time? After one report or are multiple reports of a spammy domain required?

I use blacklists (and indeed greylisting) on my personal email servers but I'm curious how much we know about how MSFT/O365 and Gmail handle this stuff.

j / k navigate · click thread line to collapse

0 pointsljp_2063y ago0 comments

As soon as you suggested that such an embedded PNG may only work on an older client, a lightbulb went off for me.

Such reasoning follows the theory that spam messages include many typos in order to weed out 'smart' users, who are not desirable targets anyway.

0 comments

logifail3y ago

> likely to report the message as spam and reduce the scammer's reach

Q: Is reporting spam (and if so, to whom?) actually of benefit? If so, how?

If you "report" spam at Gmail or in Office 365, what actually happens?

Does some magic kick in and move - in real time - all identical (similar?) messages out of Inboxes and into Spam folders across the globe? Or is it more about training filters for the next wave?

35mm3y ago

> Does some magic kick in and move - in real time - all identical (similar?) messages out of Inboxes and into Spam folders across the globe?

Not exactly. But the domain they are sending from will get added to shared blacklists.

Spammers don’t send all in one go, so that same message going out to the next batch of people could be stopped.

logifail3y ago

> Not exactly. But the domain they are sending from will get added to shared blacklists.

In real time? After one report or are multiple reports of a spammy domain required?

I use blacklists (and indeed greylisting) on my personal email servers but I'm curious how much we know about how MSFT/O365 and Gmail handle this stuff.

j / k navigate · click thread line to collapse