Trick naming

Each trick in the Spammers' Compendium has a friendly name (which is intended to be humourous), and also a SPUTR name. SPUTR (Spam/Phish Uniform Trick Repository) is a naming scheme for spammer and phisher content tricks that was first proposed by John Graham-Cumming. More details can be found here.

Each name consists of three '!'-separated parts: a purpose, a name, and a technology.

  • The purpose is the reason for the trick (for example, the trick is used to obscure a URL, or to insert innocent words).
  • The name is derived from the current pejorative name.
  • The technology identifies the way in which the trick is coded (for example, with HTML or MIME).


The following table contains a list of 'purposes' that can be used to categorize tricks.

BWOBad word obfuscationMaking it hard for a filter to parse potentially bad words (e.g. Viagra)
GWGood word insertionAdding words likely to confuse a statistical filter.
HBHash bustingInserting randomness designed to make message hashing hard.
TATokenization avoidancePreventing a filter from tokenizing a message.
UHURL hidingHiding a URL so that a user is fooled into clicking an incorrect link.
UOURL obfuscationMaking it hard for a filter to identify a URL and check it against a black list.
WBWeb bugsInserting a beacon that tells the spammer that a message has been read.


For a single name there could be multiple tricks using different technologies (e.g. some tricks might be implemented using HTML or CSS), or tricks that are intended for different purposes (words might be inserted to fool a Bayesian filter or to break a hash).

This table shows the 'technologies' that are recognized in the naming scheme:

HTMLAny HTML without using CSS
JavascriptUse of Javascript for trickery
MIMEManipulation of MIME
PDFUse of PDF files
PlainPlain text
ImageImages (GIF, JPG or PNG)
FlashMacromedia Flash
AudioAny audio file format
OfficeAny office file format


Sound of Silence

Spammers compendium entry - Sound of Silence

The tURLing test

Spammers compendium entry - The tURLing test


Spammers compendium entry - WYSI_not_WYG

Internet Exploiter

Spammers compendium entry - Internet Exploiter

The Microdot

Spammers compendium entry - The Microdot

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.