This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
White-Out
To hide the non-spam text used to sneak the message by the filter from the recipient of the message, the spammer
uses HTML font tags to make it the same color as the background of the message. The spam text itself is set to
display in a color that contrasts with the message background.
If a filter is smart enough to identify this trick, it can immediately classify as spam a message that contains a large
amount of text that is the same color as the background. Overly simplistic Bayesian filters can potentially be
poisoned by this method, and signature-matching filters can be fooled if the text is randomly changed between
messages.
Several advanced versions of this technique are currently being used by spammers in an attempt to get around
smart filters that recognize the original trick. One variation is to display the non-spam text in a color that is very
close to the background color, but not exactly the same. This tends to work very well, since most modern
computer screens can display upwards of 16 million colors while the human eye can only distinguish
approximately 10,000 colors. To catch this variation, filters have to contain a fuzzy logic model that can mimic
the human eye’s response to color.
9 Common Spammer Tricks
Another popular variation is to display the non-spam text in the same color as the spam text, but in a miniscule
font size. Several thousand words of non-spam text can be condensed into a couple inches of screen space if
they’re displayed in a 2 point font size.
HTML Abuse
Various HTML tags can be abused to hide text from a user while making sure a Bayesian filter sees it. Some
common examples are:
• Placing random words in the tag of an HTML message. Most email clients don’t display the
contents of this tag.
• Placing a paragraph of random text or text from a news site into the VALUE attribute of a hidden HTML
form field.
• Using a tag to hide large blocks of random text.