This message landed in the Junk E-mail folder of Windows Live Mail today, addressed to a Hotmail account that I have used for at least 10 years. Can we count the things that are wrong with it?
1. The message was composed using the Cyrillic character set, indicating that the author was probably Russian. A U.S.-based company like Amazon normally uses the Unicode character set.
2. That return address, sirvces[at]amzn.com? Uh, no. (Amzn.com appears to be a legitimate domain owned by Amazon.com, but the Russian author of this phishing attempt failed the spelling test on the word “services.”)
3. No text in the body of the message, just a graphic, which the mail client blocked from being displayed. Hovering the mouse pointer over the image placeholder reveals its location in the status bar along the bottom of the window. Amazon doesn’t normally host its graphics in user directories at hacked websites.
Clicking the link displays a graphic that uses the Amazon logo and looks like a text message, mimicking the typeface Amazon uses in its customer communications.
So, it’s good that Windows Live Mail swept this into my Junk folder and blocked the image. But I’m curious why a message like this one wasn’t filtered out completely.
Ed Bott (@ wordpress.com) 
They can’t just delete things that look like spam. 99% of the time it’s spam but as soon as Hotmail deletes a legit item there’d be uproar. At least it marked it as junk and blocked the images. Not bad going.
Craig, they delete things that look like spam all the time. This mailbox gets thousands of spam messages a day, I am certain, virtually all of which are deleted as confirmed spam.
I’m just curious why this message, which is wrong on so many levels and should have been rejected, got through and why it wasn’t marked as a phishing attempt.
Unfortunately, the spam filter on hotmail / windows live sucks. I would think with it being microsoft it would be much better. I have the spam filter set on high (whatever they call it) and i have emails get through all the time that i ask myself how in the world could they ever get through the spam filter. I will have emails with “viagra” in the subject like that gets through. The spam filter on Gmail is much much better. It catched almost all spam and very rarely catches good email. Microsoft needs to do some serious work on windows live mail
if you look in Vista’s Windows Mail there’re options to block any character set you don’t like.
Ah, interesting. That option’s in Windows Live Mail as well, but boy oh boy is it buried!
I rarely receive spam in my inbox through Live Mail. Yahoo, on the other hand, is horrendous.
Slightly off-topic: Since you screen captured the latest version/update of WLM, I can’t resist observing that the update replaces the traditional Send/Receive button with something called Sync and even fails to place it on the toolbar by default.
That’s user-hostile.
WLM still can’t remove attachments …
If the source of the junk mail has not been previously reported to the filter, it will not be blocked.
The mis-spelling of the word services is deliberate. They do not want a reply to arrive at a legit email address used by amazon. They want it to bounce back to the sender.
Guttmann, the Sync button IS on the toolbar by default.
I concur with Brent; Hotmail’s spam filter is horrid while Googles spam filters is unbelievably good.
Google? I have received Chinese spam on a consistent basis, starting the day I signed up for gmail. It goes to the Spam folder but, the point is, it is blatant junk that shouldn’t get through at all.
Of all the the things about microsoft one could complain about, the fact that windows live mail filters junk mail into a folder rather than deleting it has got to be one of the dumbest things I’ve heard.
Do you really trust microsoft enough to let them delete your email? Cause I sure as heck don’t. I’ve seen too many messages falsely flagged as spam.
Does anybody know of ANY filter-based system that never gives false positives?
You don’t seem to understand, dstarfire. Hotmail already deletes tons of email. This account has been around for 10 years. It would get thousands of spam messages a day if not for spam filters. Instead, a relative handful make it into my Junk folder. I prefer that to Google’s approach, which is to send ALL those thousands of messages to the Junk folder, making it nearly impossible to find false positives.
My question (not complaint; there is a difference) is why does the algorithm not recognize something as flagrantly spammy as this? Here’s the final paragraph: “So, it’s good that Windows Live Mail swept this into my Junk folder and blocked the image. But I’m curious why a message like this one wasn’t filtered out completely.”
You call that a complaint?