« (Sigh) More PC Hijackings on the Way Today | Main | More Hijackings Followup »
Home | The Book | Training | Events | Tools | Stats |
January 30, 2005
A Spammer Revives a Lost Art (Poorly)Long before computer screens could portray curvy lines and paint in color, many clever geeks created "art" by carefully laying out regular alphanumeric characters (printed line by line). When viewed from a few steps back, the display or printout represented peoples' faces, buildings, just about anything. It was like a mosaic effect, and was sometimes called ASCII Art, because the characters were from the standard character set of numbers, letters, and common punctuation in the ASCII character set. Even in the pre-personal computer days, teleprinter operators commonly exchanged this type of art to be printed on paper rolls.
An important aspect of this kind of art is that the output is expected to be displayed or printed in a monospaced font. Even spacing between characters is vital to conveying the image.
One spammer appears to have revived the art form for his medz spamming. He creates words using a variety of underscores, slashes, parentheses, and vertical bar (pipe) characters. If you have the right font installed (most Windows users would), one of the words looks like this:
My system didn't have the desired font installed, so all I could see is:
Near the bottom of the message were the ASCII art words "click here," which were surrounded in the message body by an HTML link tag, making the entire ASCII art version clickable.
Other than the fact that his message was sent from a zombie PC, I wonder how a variety of spam filters will treat this message. It is over-encumbered with codes for non-breaking spaces, which may be a telltale sign. He also includes some <font> tags specifying a size of one pixel—usually a dead giveaway to spamminess.
But before you quickly open unsolicited messages to see if they contain ASCII art, be sure you follow the instructions in Spam Wars to pre-inspect messages safely. You don't want to open a message that either has a Web bug in it or silently loads some nasty stuff into your PC.
Posted on January 30, 2005 at 12:32 PM