Towards a formatting-based spam filter

The spammers’ biggest strength – their ability to adapt quickly to new filtering methods – hides one of their most important weaknesses, the inability to change certain aspects of the message. such as the spam layout, the way a message “looks”.
Unfortunately, so far this topic attracted little research, if any, possibly because some spam e-mails have no significant layout differences from legit mail.
However, formatting, either plain text or html, is a valuable source of information for certain types of email, such as most newsletters, phishing e-mails or nigerian scams. These could be singled out by onsidering this criterion.
The massive text and standard signatures of the 419 – nigerian – scams, the multitude of links and addresses in newsletters, the logos in phishing messages are only a few examples of obvious visual identifying items widely known. But, though widely encountered and full of valuable information, these patterns are, to the best of our knowledge, scarcely used in identifying email type. We’re working on correcting this ommission.
tags
Author
Right now
Top posts
BackdoorDiplomacy Wields New Tools in Fresh Middle East Campaign
December 06, 2022
Side-Loading OneDrive for profit – Cryptojacking campaign detected in the wild
October 05, 2022
A Red Team Perspective on the Device42 Asset Management Appliance
August 10, 2022
Vulnerabilities Identified in Wyze Cam IoT Device
March 29, 2022
New FluBot and TeaBot Global Malware Campaigns Discovered
January 26, 2022
Bitdefender Honeypots Signal Active Log4Shell 0-Day Attacks Underway; Patch Immediately
December 10, 2021