Folks are debating whether spammers’ methods are stagnating, so I have to throw my uninformed two-cents in. They are changing, that much is clear, but I think it is a mearly a shift based on market forces.
Spam filters are tightening up everywhere, so:
– You are seeing more plain text messages. And that plain text may be obfuscated, jumbled, or otherwise arranged to look like even more simple text like the alphabet, separated by carriage returns to keep dirty words like “pharma” from getting caught.
– Less use of HTML forms, and any semblance of scripts is disappearing.
– Botnets are being used, and since authorities and ISPs are catching on quickly, why bother with falsifying headers. Just use the email address of the poor infected sucker. The spammer’s tool will get cleaned up soon anyway, and why leave a trace of your method.
I see a return to the simple life for everyday spammers. It is a multi-level marketing game, and the top agents have bigger fish to fry. The kingpins can spend their time constructing sophisticated looking phishing emails tagged with real digital certificates, while the little guy pushes p3nis pills.