14 DAY TRIAL // Some spam messages contain phone numbers instead of links that point to locations where different products are advertised. To make sure they successfully avoid spam filters, Russian spammers devised some new ways in which they make phone numbers remain undetected.
Symantec researchers reveal the large number of methods utilized by Russian spammers to list phone numbers in email messages without raising the suspicion of any anti-spam solution.
One of the simpler methods implies placing symbols between the figures that compose the number. For instance, (495) 123 456 can be transformed into (4~9~5)1~2~3~4~5~6, but this is only one of the more unsophisticated means of disguising a number.
In some cases, Russian characters that resemble figures will be utilized to replace some numbers. If in English only 0 and 1 can be written with letters, in Russian, even 3, 4 and 6 have similar symbols they can be replaced with.
The symbols Зз, Оо, Чч and Ьь can be efficiently placed into a spam advertisement and its recipients will surely know what number to call.
Since anti-spam technology evolved a lot, some of these tricks can now be identified and that’s why spammers took these techniques even further.
In some scenarios, the numbers were actually spelled in Russian words, which would make the above phone number look something like (четыре девять четыре) один два три четыре четыре шесть.
One final strategy involves writing the area code with the actual name of the city it represents. In this case, 495 becomes Москва (Moscow).
By using a combination of these cryptographic mechanisms, spam filters don’t stand a chance against the malicious messages. However, while some may think that a phone number is not as dangerous as a link that points to a piece of malware, in reality, a phone number can always hide a premium rate number or a person that’s prepared to perform some precisely targeted social engineering.