What are the community's thoughts on handling spam/phishing that utilize
homoglyphs to obfuscate the brands they're targeting? Are there any
plugins that are in development that might assist with catching these?
For example, here are some phrases that I've been monitoring from reported
messages:
* that Âmåzon has received
* Äpple Watch
* Ã??le iPad
* A??le iPad
* PäyPäl Credit
* P?yP?l Credit
* Spãce Gray
* to Over Støck Inc on
* subscribed for Nõrtõn Yearly
* subscribed for Nõrtøn Yearly
* the Nõrtõn Freedom Protection
Existing rules (mainline SpamAssassin channel, KAM, etc.) don't seem to
flag much, if anything substantial, on the messages I've seen with this
behavior. I've trained bayes on each, and created a custom set of rules to
try to catch various patterns used in the messages.
homoglyphs to obfuscate the brands they're targeting? Are there any
plugins that are in development that might assist with catching these?
For example, here are some phrases that I've been monitoring from reported
messages:
* that Âmåzon has received
* Äpple Watch
* Ã??le iPad
* A??le iPad
* PäyPäl Credit
* P?yP?l Credit
* Spãce Gray
* to Over Støck Inc on
* subscribed for Nõrtõn Yearly
* subscribed for Nõrtøn Yearly
* the Nõrtõn Freedom Protection
Existing rules (mainline SpamAssassin channel, KAM, etc.) don't seem to
flag much, if anything substantial, on the messages I've seen with this
behavior. I've trained bayes on each, and created a custom set of rules to
try to catch various patterns used in the messages.