diff --git a/scan_engine.cc b/scan_engine.cc
index 75ddf5250..052ba2ac6 100644
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -1796,6 +1796,13 @@ static unsigned int pingprobe_score(const probespec *pspec, int state) {
       score = 2;
     else if (pspec->pd.tcp.flags == TH_SYN && (state == PORT_OPEN || state == PORT_UNKNOWN))
       score = 3;
+    else if (pspec->pd.tcp.dport == 25 ||
+      pspec->pd.tcp.dport == 113 ||
+      pspec->pd.tcp.dport == 135 ||
+      pspec->pd.tcp.dport == 139 ||
+      pspec->pd.tcp.dport == 445)
+      /* Frequently spoofed port numbers */
+      score = 5;
     else
       score = 6;
     break;