SPUTR

Trick naming

Each trick in the Spammers' Compendium has a friendly name (which is intended to be humourous), and also a SPUTR name. SPUTR (Spam/Phish Uniform Trick Repository) is a naming scheme for spammer and phisher content tricks that was first proposed by John Graham-Cumming. More details can be found here.

Each name consists of three '!'-separated parts: a purpose, a name, and a technology.

The purpose is the reason for the trick (for example, the trick is used to obscure a URL, or to insert innocent words).
The name is derived from the current pejorative name.
The technology identifies the way in which the trick is coded (for example, with HTML or MIME).

Purposes

The following table contains a list of 'purposes' that can be used to categorize tricks.

BWO	Bad word obfuscation	Making it hard for a filter to parse potentially bad words (e.g. Viagra)
GW	Good word insertion	Adding words likely to confuse a statistical filter.
HB	Hash busting	Inserting randomness designed to make message hashing hard.
TA	Tokenization avoidance	Preventing a filter from tokenizing a message.
UH	URL hiding	Hiding a URL so that a user is fooled into clicking an incorrect link.
UO	URL obfuscation	Making it hard for a filter to identify a URL and check it against a black list.
WB	Web bugs	Inserting a beacon that tells the spammer that a message has been read.

Technologies

For a single name there could be multiple tricks using different technologies (e.g. some tricks might be implemented using HTML or CSS), or tricks that are intended for different purposes (words might be inserted to fool a Bayesian filter or to break a hash).

This table shows the 'technologies' that are recognized in the naming scheme:

CSS	Use of CSS
HTML	Any HTML without using CSS
Javascript	Use of Javascript for trickery
MIME	Manipulation of MIME
PDF	Use of PDF files
Plain	Plain text
Image	Images (GIF, JPG or PNG)
Flash	Macromedia Flash
Audio	Any audio file format
Office	Any office file format

VBSpam


	Spammers' Compendium 1 across, 3 down A Flash In The Pan A Form of Desperation A Numbers Game A small area About Face Absolute Zero And in the right corner Animated Noise Another Form of Desperation Are you feeling lucky, Sergey? Big Header-ed Blankety Blank Bogus Login But, is it art? Camouflage Catch a Wave Chop GUI Colored Matrix Control Freak Cross your fingers and click Doing The Twist Doing the Splits Don't Cramp My Style Enigma Excel Sent FlexHex Floatation Device Honey, I shrunk the font Honorary Title Hypertextus Interruptus Ignore the smallprint In the background Internet Exploiter Invisible Ink It's Mini Marquee! L O S T i n S P A C E MIME is Money No Whitespace, No Cry Now you see it; now you don't Numbers by Painting Phish Phorm Pretty Darn Fancy Pump up the volume Script Writer Script in the middle Slice and Dice Slick Click Trick Sound of Silence Speaking in Tongues Spell Breaker Sticky Fingers Strip Mining The Big Picture The Black Hole The Daily News The Matrix The Microdot The Office The Rake The Responsibility Transfer The Sieve The Small Picture The tURLing test Times Square Treasure Map WYSI_not_WYG Where are you going? Whiter Shade of Pale You cannot be serious You've been framed Ze Foreign Accent See also Spammers' Compendium Resources

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

VB2012


	VB2012 will take place 26 - 28 September 2012 at the Fairmont Dallas hotel, Dallas, TX, USA.

Virus Bulletin currently has 224,239 registered users.

Fighting malware and spam

SPUTR

Trick naming

Purposes

Technologies

See also