Today, I received a spammed message that made it through my spam filters, thanks to a few clever tricks.
Right off the bat, the message was only a short sentence with a shortened link. The sentence was written in Spanish so anti-spam filters might have had a harder time with it. That was the first clever trick—conciseness. My teachers already told me some time ago that clear and short is better than long and complicated. They were right and they weren’t even talking about spam.
The second trick was the use of a shortened link. Reputation systems cannot immediately tag shortened URLs as malicious, which helps attackers deliver spam. URL shorteners obfuscate links so that they aren’t readily recognizable. While shortening links is a common practice in the Web 2.0 world, they’re not as useful in email. Twitter limits you to 140 characters but, obviously, an email can be longer.