Spammers hide behind Google’s “I’m feeling lucky” button

November 27, 2007

Anti-spamNewsSpamSpam filterSpam filtering

Spammers often use clever tricks to disguise the actual link of the site they are trying to fool the recipient into visiting. The latest trick is to construct a Goggle search link which utilizes Google’s “I’m feeling luck” feature.

Clicking such a link is identical to manually entering a search query on Google and clicking the “I’m feeling lucky” button. Google will run the query and automatically redirect your web browser to the top most result matching that query. For a spammer this is quite easily exploited. All he needs to do is to construct a Google query which returns the spammer’s site at the top of the result. One way to achieve this is using Google’s inurl search operator. E.g. inurl:E87ABD4CB56 will only return pages which contain E87ABD4CB56 in the address. It shouldn’t be hard for the spammer to come up with something unique.

So why would a spammer do this? Well, some spam filters use addresses in e-mails to determine if they are spam or not. By using Google addresses, some spam filters could get confused because Google is usually a trusted site. For a spam filter which only cares about the host name in the addresses (i.e. www.google.com) this could be a problem. Other spam filters, which look at the entire address, shouldn’t be affected by this trick.

2020 filtering stats

It is already 2021 and 2020 is finally (or not) over. It has become a good tradition to look back on the year that’s passed and provide you with annual spam filtering stats. Let’s have a quick look on the … Continue reading

New Android app released!

This day has come! A new version of the Spamdrain Android app is released and ready to be downloaded in Google Play. The latest version is 4.0.3-1002. The most important fixes and improvements in the latest release: Night mode: Fresh … Continue reading