![[ Align to Top ]](img/g_ball.gif)
URL Contains "Username@"
URL Contains "Username@"Technique courtesy of "Bruce" in news.admin.net-abuse.email.
If the obfuscated URL has an @ in it then everything prior to the @ can be thrown away (a username and password, if necessary, is placed prior to the web address using the @ character) so the following two examples are NOT the same:
'1' would properly resolve to 3498702899, but if you think that '2' would then you just fell for one of the spammers obfuscation tricks. In '2' the actual web address would be 123457890 (the number following the @). If you're not extremely careful about this then you can easily end up complaining to the wrong internet provider since the spammers will most likely put a valid address before the @ that would resolve to a service like tripod, freeyellow, etc. thereby deflecting complaints there.
Remember that in general a URL is in the following format
protocol://[username:password@]domain[/document_path[#anchor]]
For those of you not familiar with regular expressions, the portions in brackets ] are optional.
As far as spammers go, the protocol will be http 99% of the time. You might see ftp every once in a while. I don't think I've ever seen spam with news, gopher, or any other protocol in the URL prefix. Spammers make use of the fact that the username/password and anchor parts of the URL are ignored in the vast majority of cases (almost always when dealing with spamvertised pages). So make sure you analyze a URL entirely for these sorts of tricks before trying to figure it out yourself.
Contents Copyright © 1998, 1999, 2000, 2001, 2002 by George Crissman. All
rights reserved worldwide.
Page design by George Crissman,
strads@tmisnet.com,
updated 4/30/2002.