Top Ten Tricks of the Spammer

The spammer’s most fervent hope is that you are ignorant of the tricks and tactics used to spam your inbox. Learning the spammer’s nefarious ways is your best protection against spam.

Manipulating Text:

This is one of the most commonly used spamming techniques. Spammers manipulate the text in the email to foil anti-spam filters. They may, for example, deliberately misspell some words: “M0rtg4ge”. They may add characters or spaces to words in the email header, to make the email seem unique from other email, like this: X_A_N_A_X. They may also insert random strings of text within the email.
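A filter can undo both tricks before it matches keywords. The following Python normaliser is an added example, not part of the original article; the watchlist, the substitution table and the function name are assumptions chosen to fit the two samples above.

```python
import re
import unicodedata

# Assumed watchlist for illustration; a real filter loads its own terms.
WATCHLIST = {"mortgage", "xanax"}

# Assumed look-alike substitutions (not exhaustive): 0->o 1->l 3->e 4->a 5->s 7->t @->a $->s
LEET = str.maketrans("013457@$", "oleastas")

# Three or more single characters joined by one separator each, e.g. X_A_N_A_X.
SPLIT = re.compile(
    r"(?<![a-z0-9@$])(?:[a-z0-9@$][ _.\-*]){2,}[a-z0-9@$](?![a-z0-9@$])"
)


def find_obfuscated(text):
    """Return (as_written, watchlist_term, trick) for each disguised term.

    A term spelled normally is not reported: the disguise itself is the signal.
    """
    hits = []
    # Fold case and Unicode compatibility forms (e.g. full-width letters).
    folded = unicodedata.normalize("NFKC", text).lower()

    # Trick 1: separators inserted between the letters of a word.
    for match in SPLIT.finditer(folded):
        joined = re.sub(r"[ _.\-*]", "", match.group()).translate(LEET)
        if joined in WATCHLIST:
            hits.append((match.group(), joined, "separators"))

    # Trick 2: digits or symbols substituted for letters inside one token.
    for token in re.findall(r"[a-z0-9@$]+", folded):
        plain = token.translate(LEET)
        if plain != token and plain in WATCHLIST:
            hits.append((token, plain, "substitution"))
    return hits


if __name__ == "__main__":
    # Constructed sample subject lines, not taken from real mail.
    for subject in ("Low rate M0rtg4ge offers",
                    "X_A_N_A_X cheap",
                    "Your mortgage statement is attached"):
        print(subject, "->", find_obfuscated(subject))
```

Random strings inserted elsewhere in the message do not affect this check, because each token is normalised and compared on its own.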

Chain Letters:

Spammers may send out a chain letter instructing you to forward the email to your friends and family. To entice you to do so, it may claim that forwarding it will bring good luck. This spam may carry viruses or a Trojan horse, which is sent along to anyone you forward the email to.

Image-based Spam:

The spammer sends out spam that contains an image in GIF format. This image bears the spammy message. Image-based spam is effective in bypassing spam filters because the filters are generally text-based.

Dictionary attacks:

This is a technique used by spammers to find email addresses that they can spam. It involves trying random combinations of common names and words, and using these to make up email addresses. The spammer will then send out junk email to the different variations of these addresses in the hope that some of it will go through.

Spammers tend to direct the dictionary attacks at the large email companies, which have a large number of customers.

Email spoofing:

Email spoofing involves the use of a fake email header that is written to make it look like someone other than the spammer sent the email. Very often, the spammer will make it look like the email came from a credible source such as your bank or Yahoo, and try to get you to reply with personal information such as a password, social security number or credit card number. This technique is widely used because it is easy to do, and tends to catch the recipients off guard.


The spammer can use JavaScript that will ensure that the spam is only visible when the email is loaded. This type of spam can only be prevented using anti-spam software that decodes or blocks the JavaScript.

Social engineering:

This spammer ploy attempts to fool the recipient into reading the junk email by pretending to be an acquaintance. It involves a junk email that has a “personal” subject line, such as “I’m leaving tomorrow,” “I got your message” or “Let’s meet again”.

Mining message boards and chat rooms:

When you post a message to a message board or chat room and leave your email address, automated programs called spambots will find your address and add it to the spammer’s mailing list. Much like a listed phone number in the telephone directory, leaving your email at these types of websites makes it public information.

Web beacons:

A web beacon, also called an “invisible GIF,” is an image sent out with spam that is invisible to the recipient. When the email is opened, the spammer will be alerted that your email address is “live.”

Open proxy, 3rd-party servers:

An open proxy is a third-party server that enables spammers to camouflage their real identities as well as their Internet locations when they send out their junk mail. Many spammers use these open proxy servers to help maintain their anonymity.