I just deleted a spam comment where the spammy words (the name of a drug and links to sites where you can buy it) had some of the characters encoded as entities, to foil simple keyword-based spam filters.

It’s funny because this exact technique has been used as a counter-measure to spam for quite some time to “safely” publish email addresses, on the theory that an automated email address harvester won’t be smart enough to resolve the entities.

(sounds like the same guy hit Dougal’s site too)