Why are incorrect characters so prominant in spam journal emails?

Question

Recently I have been finding a great many emails from preditory publishers in my spam box. While I know each of these are almost certainly preditory publications, I am confused as why there are so frequently strange unicode characters in the email body (alphas in place of a's etc). Does any one have any idea why these seemingly outlandish errors are so common in these emails?

There's an answer over on Information Security: https://security.stackexchange.com/questions/214306/why-do-so-many-spam-emails-lately-contain-a-lot-of-unicode-characters — KeyboardCat, Oct 02 '23 at 09:29
Also one on this site: https://academia.stackexchange.com/questions/170509 — cag51, Oct 02 '23 at 20:25
You mean deliberately making spelling errors like 'prominant'? — Michael Harvey, Oct 03 '23 at 14:21

Ian · Accepted Answer · 2023-10-02T18:09:33.660

The reason these "look-alike" characters are used in predatory journal spam is the same reason they are used in all types of spam: it is an attempt to bypass spam filters.

At least historically, spam filters worked by examining the words in the message. For example, if the word bitcoin is associated with spam, if your spam email requests payment in bitcoin, your message is more likely to get blocked by the filter.

Imagine you replace the i with and now have btcoin. If the developer of the spam filter failed to take into account all of the i look-alikes in unicode, then your spam message doesn't contain the word bitcoin anymore. Therefore, it is more likely to make it into the recipient's inbox.

Major email providers' spam filters are, of course, much more sophisticated these days; after all, that email ended up in the spam box, right?

score 6 · Answer 2 · edited Oct 02 '23 at 20:18

6

Adding to the IT answer "Why do so many spam emails lately contain a lot of unicode characters?" from Infomration Security SE site , there is a sociological answer: when you do a scam, you want to get the easy fish in your net, not the smart one.

Put some obvious errors/dubious things in your text, you can be quite sure that the smart ones will stay away, filtering "in" the gullible ones.

Apart from the initial mass email, most of the scams are then fine tuned on a 1-to-1 basis, so for the scammer it is of the uttermost importance of filtering out potential wasters of their time.

edited Oct 02 '23 at 20:18

Mad Physicist

127
2
7

answered Oct 02 '23 at 11:22

EarlGrey

17,959
2
28
79

1

While this may sound plausible, are there any studies showing that scammers indeed intentionally make their messages look easy to identify? – user1079505 Oct 02 '23 at 15:31
1

@user1079505 Luckily people use their time to produce more interesting scientific studies than investigating the method employed by scammers to scam people. I would be happy to be proven wrong, but at the same time I do not need a study to know that if I bath in boiling water I get burnt. – EarlGrey Oct 02 '23 at 15:37
6

@EarlGrey there is a lot of value in studying scammers - it can inform end user education and mitigation strategies like filters or legal enforcement. Would you say the same thing about cybersecurity research in general? – crass_sandwich Oct 02 '23 at 17:50
8

That the errors in scam messages are on purpose to find gullible people is an unsubstantiated internet rumor. In fact, I searched for hours trying to find proof, and I found not one shred of evidence to support it. Instead, I came to the conclusion that non-native speakers (like the ones behind many of these scams) don't always produce grammatical, idiomatic texts. (cc @user1079505) – Laurel Oct 02 '23 at 17:53
2

@Laurel "not one evidence to support it" it is a bit of hyperbole, since you mention a research paper from Microsoft that has been cited 147 papers. Thanks! – EarlGrey Oct 02 '23 at 18:21
A theory might be very good, logical, plausible, consistent, and still not true. – user1079505 Oct 02 '23 at 19:12
3

Is Infomration Security a spoof of spam misspellings? – Ben Voigt Oct 02 '23 at 19:15
@BenVoigt that, and the "cited 147 papers" shhh ;) – EarlGrey Oct 02 '23 at 19:37
@user1079505 "very good" does not mean anything with respect to describing a theory. Consistent as well: consistent with waht? – EarlGrey Oct 02 '23 at 19:39
1

And, there's the meta-explanation that the naive spammers have themselves are indeed naive enough to have been conned by the slightly-cleverer people selling them the software to create the spam... So there's maybe a filter on the savvy of the spammers themselves... :) – paul garrett Oct 02 '23 at 20:09
@paulgarrett a big part of automotive engineering is to produce big cars with too many horses in the hood to be controlled without electronic stability control , to be sold to gullyible people (which sometimes crash with great pain to involved people)... why should selling software to scammer with special features to improve their hit ratio should be bad? as long as the counter-measures to the special features of the software are not sold to companies targeted by scammers it is all fine, isn't it? – EarlGrey Oct 02 '23 at 20:18
1

@EarlGrey :) :) – paul garrett Oct 02 '23 at 20:30

Why are incorrect characters so prominant in spam journal emails?

2 Answers2