Title :
Spammer success through customization and randomization of URLs
Author :
Warner, Gary ; Rajani, Dhiraj ; Nagy, Mike
Author_Institution :
Univ. of Alabama at Birmingham (UAB), Birmingham, AL, USA
Abstract :
Spam researchers and security personnel require a method for determining whether the URLs embedded in email messages are safe or potentially hostile. Prior research has been focused on spam collections that are quite insignificant compared to real-world spam volumes. In this paper, researchers evaluate 464 million URLs representing nearly 1 million unique domains observed in email messages in a six day period from November 2014. Four methods of customization and randomization of URLs believed to be used by spammers to attempt to increase deliverability of their URLs are explored: domain diversity, hostname wild-carding, path uniqueness, and attribute uniqueness. Implications of the findings suggest improvements for “URL blacklist” methods, methods of sampling to decrease the number of URLs that must be reviewed for safety, as well as presenting some challenges to the ICANN, Registrar, and Email Safety communities.
Keywords :
computer crime; unsolicited e-mail; Email Safety communities; ICANN communities; Registrar communities; URL blacklist methods; URL customization; URL deliverability; URL randomization; attribute uniqueness; domain diversity; email messages; hostname; malicious email; path uniqueness; real-world spam volumes; sampling methods; spam collections; spammer; wild-carding; Personnel; Pharmaceuticals; Safety; Security; Uniform resource locators; Unsolicited electronic mail; URL evaluation; domain registration; malicious email; spam;
Conference_Titel :
Electronic Crime Research (eCrime), 2015 APWG Symposium on
Conference_Location :
Barcelona
DOI :
10.1109/ECRIME.2015.7120799
