With our globalized economy, non-English email between international organizations has become the norm for business communication. However, at the same time, non-English spam is also becoming more and more of a problem for national and international enterprises.
For the past several months, Symantec has noticed an increase for Chinese language spam, as shown in the graphic below:
What’s interesting about this increase is the resurfacing of a body-obfuscation technique that is being used by Chinese spammers—the technique is called “invisible text.” What is “invisible text,” exactly? Invisible text is the body text that’s the same color as the background; therefore, it is invisible to the human eye.
Below are some samples that Symantec has observed. The first sample is a typical Chinese seminar (training course) promotion spam. The invisible text is located between the numbers inside the red circle.
The second sample is a product offering with a clickable URL. The invisible text is located at the bottom of the page inside the red circle.
Invisible text body obfuscation is not a new spamming technique—it has been seen previously in English spam. The purpose of the technique is to evade anti-spam filters, because while invisible text obfuscation renders text as invisible to humans, anti-spam engines are sensitive to every single character in a message body. With the recent spike in Chinese language spam volumes, Symantec will continue to monitor these attacks and will react accordingly.
Leave a reply