The Latest Technique In Spamming...pdf Spam.

#1 Grinler

Bleep Bleep!

Group: Admin
Posts: 36,603
Joined: 24-January 04
Gender:Male
Location:USA

Posted 27 June 2007 - 11:23 AM

By: Lawrence Abrams

For the last year one of the more annoying developments in mass spamming has been a technique where the spam is embedded in an image. With this method it is much more difficult for spam filters to determine if an email with a image is spam or legitimate. Over time developments were made to counteract this technique by performing optical character recognition on the attached images to determine the text encoded in them. This would allow the spam filter to then analyze the text in the image and determine if it was spam.

This week a new technique started being used in which spam image is embedded in an attached PDF document as shown below.

One method for spam filters to combat this new technique would be to extract the images from the PDF and then perform their normal image analysis techniques on the exported image. Unfortunately, the spammers have altered the PDF documents so that they are damaged but still viewable. This makes it so at least three open source PDF converters I tested (Xpdf, ImageMagick, and PDF-111) can't properly extract the image from the spam while they work perfectly with normal PDF files.

Overtime, a new method will be found to correct these PDF files so that they can be parsed, but until that time keep a lookout for these types of spam.

Lawrence Abrams
Circle BleepingComputer on Google+!
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
How to detect vulnerable programs using Secunia Personal Software Inspector <- Everyone should do this!

#2 JohnWho

Who is running the store?

Group: Members
Posts: 2,525
Joined: 26-November 05
Gender:Male
Location:Tampa Bay Area, Florida, USA

Posted 27 June 2007 - 01:46 PM

Amazing.

Thanks for the heads up.

I know you think you understand what you thought I said,
but I'm not sure you realize that what you heard is not what I meant!

#3 rigel

FD-BC

Group: Global Moderator
Posts: 12,764
Joined: 21-October 04
Gender:Male
Location:South Carolina - USA

Posted 28 June 2007 - 07:09 PM

What amazes me is that people reply to this type of thing. Thanks for the post Grinler.

"In a world where you can be anything, be yourself." ~ unknown
"Fall in love with someone who deserves your heart. Not someone who plays with it. – Will Smith

#4 JoshT

Member

Group: Members
Posts: 115
Joined: 25-February 07

Posted 30 June 2007 - 10:14 PM

Thats interesting, I kinda like spam though, I never really get any emails, and when I read some spam, I know that someone was thinking about me, when they sent it.

=Josh

#5 DSTM

"Bleepin' Aussie Addict"

Group: Members
Posts: 2,649
Joined: 14-October 06
Gender:Male
Location:SYDNEY-AUSTRALIA

Posted 01 July 2007 - 12:54 AM

JoshT, on Jul 1 2007, 01:14 PM, said:

Thats interesting, I kinda like spam though, I never really get any emails, and when I read some spam, I know that someone was thinking about me, when they sent it.

=Josh

You can't be serious 'JoshT'

#6 JoshT

Member

Group: Members
Posts: 115
Joined: 25-February 07

Posted 01 July 2007 - 01:57 PM

DSTM, on Jul 1 2007, 12:54 AM, said:

JoshT, on Jul 1 2007, 01:14 PM, said:

Thats interesting, I kinda like spam though, I never really get any emails, and when I read some spam, I know that someone was thinking about me, when they sent it.

=Josh

You can't be serious 'JoshT'

I wasn't serious, that's the joke.

But spam can become a serious issue. But hopefully some Techy will come up with a solution.

This post has been edited by JoshT: 01 July 2007 - 01:58 PM