SPUTR

Trick naming

Each trick in the Spammers' Compendium has a friendly name (which is intended to be humourous), and also a SPUTR name. SPUTR (Spam/Phish Uniform Trick Repository) is a naming scheme for spammer and phisher content tricks that was first proposed by John Graham-Cumming. More details can be found here.

Each name consists of three '!'-separated parts: a purpose, a name, and a technology.

  • The purpose is the reason for the trick (for example, the trick is used to obscure a URL, or to insert innocent words).
  • The name is derived from the current pejorative name.
  • The technology identifies the way in which the trick is coded (for example, with HTML or MIME).

Purposes

The following table contains a list of 'purposes' that can be used to categorize tricks.

BWOBad word obfuscationMaking it hard for a filter to parse potentially bad words (e.g. Viagra)
GWGood word insertionAdding words likely to confuse a statistical filter.
HBHash bustingInserting randomness designed to make message hashing hard.
TATokenization avoidancePreventing a filter from tokenizing a message.
UHURL hidingHiding a URL so that a user is fooled into clicking an incorrect link.
UOURL obfuscationMaking it hard for a filter to identify a URL and check it against a black list.
WBWeb bugsInserting a beacon that tells the spammer that a message has been read.

Technologies

For a single name there could be multiple tricks using different technologies (e.g. some tricks might be implemented using HTML or CSS), or tricks that are intended for different purposes (words might be inserted to fool a Bayesian filter or to break a hash).

This table shows the 'technologies' that are recognized in the naming scheme:

CSSUse of CSS
HTMLAny HTML without using CSS
JavascriptUse of Javascript for trickery
MIMEManipulation of MIME
PDFUse of PDF files
PlainPlain text
ImageImages (GIF, JPG or PNG)
FlashMacromedia Flash
AudioAny audio file format
OfficeAny office file format

Entries

A small area

Spammers compendium entry - A small area

Ignore the smallprint

Spammers compendium entry - Ignore the smallprint

Script in the middle

Spammers compendium entry - Script in the middle

The Responsibility Transfer

Spammers compendium entry - The Responsibility Transfer

Colored Matrix

Spammers compendium entry - Colored Matrix

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.