Spammers Using Captchas

Anti-spam efforts are going to have to use the same tactics the spammers use to bypass filters. Spammers are now using captcha technology to bypass normal spam text filters. As an example, I received a spam captcha e-mail this morning where the spam products were in an image, and the actual text in the e-mail was typical spam poetry.example of a spam captcha
An example of a Spam Captcha

Captcha works as a human verifier. If you look to the bottom of this entry, you’ll see a jumble of letters and numbers. That is a captcha. It’s to make it harder for spammers to create automated scripts or robots from just posting spam to your blog, forum, or other type of web form. The reason the letters are so jumbled is because OCR (optical character recognition) software is cheap and can recognize standard text in images. Most consumer scanners come with a basic OCR software that lets you scan in a letter or other document, and then convert the recognizable text into something you can edit digitally in MS Word or notepad.

As you can see from this captcha-like image above that I received in my e-mail this morning. I have removed the actual website it advertised. The spammer used the captcha to display his ad, and then put spam poetry as the actual text in the message. This tricked my spam filter into not thinking it was spam.

As more effective methods are devised to block spam, there’s always going to be more innovations to avoid it.