Why do the more recent spams have so colorful subjects?

And I mean really colorful, as in it has signs and colors.

Like the one in the featured image.

If you look in their source, they look like this:

Subject: =?utf-8?b?8J+QlfCfkIhZb3UgY2FuIHNhdmUgb24gcGV0IGZvb2Qg8J+QlfCfkIg=?=

 

 

As it can be seen on this page, there are all possible symbols described: http://www.unicodetools.com/unicode/codepage-utf8.php

All it has to do is to force the email client to display them.

Most of the time, it actually works, as can be seen above.

Sometimes, it doesn’t, even if the symbols are correctly set up:

Subject: =?utf-8?q?=F3=BE=86=93_sorin=2Emustaca=2C_Discount_Dental_Implants_in_You?=
 =?utf-8?b?ciBBcmVhIPO+hpM=?=


nocolor-subject

You can actually see the character’s code number 🙂

 

 

So, are they dangerous ?

Not really… usually.

I can imagine though, that if the mail client has a vulnerability when it displays certain characters, some bad guys could use it to exploit it.

This way it could, in theory, trigger an unwanted execution of a script or download a file and execute it.

 


© Copyright Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: