2

I sometimes open my spam folder. Recently I discovered a spam, the sender name was somebody I know, but one letter in her name was changed from 'i' to 't'. Today I received a spam with this name again, but this time an 'a' was changed to 'q'. Why do spammers do this letter change?

Even my e-mail id in the spam appears misspelled: first an 'r' was changed to 'p', now an 'r' to 'k' and an 'i' to 'u'.

robert
  • 153
  • 1
  • 7
  • 2
    Possible duplicate of [Why do phishing emails have spelling and grammar mistakes?](https://security.stackexchange.com/questions/96121/why-do-phishing-emails-have-spelling-and-grammar-mistakes) – A J Sep 14 '18 at 08:47
  • 4
    @AJ I don't think it's a duplicate. The answers there cover misspellings in the subject and body. Here, apparently, it's about deliberately misspelling names of people that the target knows. – S.L. Barth Sep 14 '18 at 09:16

1 Answers1

2

It's a very easy way for spammers to spoof an e-mail address without altering any header information: just create an e-mail account that looks similar to the naked eye at a glance.

Some e-mail security controls may also flag differences between the displayed name and the sender or, in the case of SPF checks, actually check the originating IP with the sender.

As an aside, there's also the theory that this sort of low-hanging fruit is deliberately done so that the only respondants to a social engineering attempt are those who are so gullible it, they will fall for whatever scam the advesary is attempting. They're effectively trying to maintain a high success rate for the time spent e-mailing users bacmk and forth: someone who misses small details like a Cyrillic rather than Latin letter may also believe that this Nigerian prince really does need their help in funneling money out of Lagos through their bank account.

It's quick, it's easy.

Doomgoose
  • 736
  • 4
  • 8