Spammers Using Soft Hyphen To Hide Malicious URLs 162
Trailrunner7 writes with this excerpt from ThreatPost illustrating the ongoing Spy-vs.-Spy battle between spammers and the rest of us:
"Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to researchers, spammers are larding up URLs for sites they promote with the soft hyphen character, which many browsers ignore. Spammers aren't shy about jumping humans flexible cognitive abilities to slip past the notice of spam filters (H3rb41 V14gr4, anyone?). ... The latest trend involves the use of an obscure character called the soft hyphen or 'SHY' character to obscure malicious URLs in spam messages. Writing on the Symantec Connect blog, researcher Samir Patil said that the company has seen recent spam messages that insert the HTML symbol for the soft hyphen to obfuscate URLs for Web pages promoted by the spammers."
H3rb41 V14gr4? (Score:5, Insightful)
I never got the leet speak in spam thing. Sure, it might get past the filter, but who can read it? Are they trying to sell drugs to script kiddies?
Re:H3rb41 V14gr4? (Score:4, Insightful)
I never got the leet speak in spam thing. Sure, it might get past the filter, but who can read it? Are they trying to sell drugs to script kiddies?
I don't know about you, but I can't stop trying to figure out what word they're trying to represent with the symbols. For example, I know the second word in your subject means viagra, but what is "H3rb41"? Oh..."herbal". It's naturally (perhaps unknowingly) targeted towards geeks and puzzle-solvers, which perhaps isn't the worst market to target available-without-human-contact penis drugs towards.
Re:What is it? (Score:2, Insightful)
Re:Why (Score:5, Insightful)
Re:H3rb41 V14gr4? (Score:3, Insightful)
I thought the only situation where you need Viagra is exactly human contact (in the most literal meaning of the word).
Re:So how often is it used legitimately? (Score:3, Insightful)
Re:What is it? (Score:3, Insightful)
Are registrars accepting domain names with soft hyphens? And if so, why? It's rather obvious that such domain names would only be used for fraud.
IMHO registrars should not accept any non-printable character in domain names.
Re:What is it? (Score:3, Insightful)
Yes, they are. Otherwise this story wouldn't exist.
Why? Because they like money, and don't give a fuck.
Of course they should not accept any non-printable characters.
Registrars are pretty much only half a step above the spammers in terms of ethics / shittiness.
Re:Why (Score:2, Insightful)
Where one in English might use a series of adjectives plus a noun a German would use a single agglomerative word - what is your problem?
Deutsch is a sufficiently sophisticated language without your assistance.
It doesn't work the same as your native tongue - get a life and stop trolling my forum - twat.
Re:Why (Score:3, Insightful)
This is purely senseless and is a mark of poor language design.
Languages (in general) aren't designed, they evolve. Which makes your (all too long-winded) point quite moot.