Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spammers Using Soft Hyphen To Hide Malicious URLs

Posted by timothy on from the conservative-in-what-you-accept dept.

Trailrunner7 writes with this excerpt from ThreatPost illustrating the ongoing Spy-vs.-Spy battle between spammers and the rest of us: "Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to researchers, spammers are larding up URLs for sites they promote with the soft hyphen character, which many browsers ignore. Spammers aren't shy about jumping humans flexible cognitive abilities to slip past the notice of spam filters (H3rb41 V14gr4, anyone?). ... The latest trend involves the use of an obscure character called the soft hyphen or 'SHY' character to obscure malicious URLs in spam messages. Writing on the Symantec Connect blog, researcher Samir Patil said that the company has seen recent spam messages that insert the HTML symbol for the soft hyphen to obfuscate URLs for Web pages promoted by the spammers."

2 of 162 comments (clear)

  1. H3rb41 V14gr4? by MrEricSir · · Score: 4, Insightful

    I never got the leet speak in spam thing. Sure, it might get past the filter, but who can read it? Are they trying to sell drugs to script kiddies?

    --
    There's no -1 for "I don't get it."
  2. Re:Why by KillaGouge · · Score: 4, Insightful

    please ignore my parent post. It seems that GP is correct

    --
    GENERATION 25: The first time you see this, copy it into your sig on any forum and add 1 to the generation. Social exper