Select Page

I love doing Google hacks, so this caught my eye: Our friends over at Symantec wrote up an interesting report on an interesting new method spammers are using to bypass filters. Many filters look at the URLs inside of a spam to determine a spamminess of an email.

In this case, a spammer used a Google search link instead of a URL.

Here’s what the spammer did to pull off this little magic trick:
1. The spammer devised a query string which yielded only his or her URL as result of an advanced Google search.
2. The spammer then simulated the click of the “I’m Feeling Lucky” button (notice the ‘&btnl=’ at the end of the above URL) that will take you to the URL of the first result that comes up for the entered search query.
3. Lastly, the spammer packed this URL into a regular email and sent it out to evade spam filters.

Very cute. More at here (via Register).

Alex Eckelberry