How spammers identify their targets

[Humpty]

Quote:

 

Ask any Internet user what they hate most about being online and you will usually hear an earful about spam. Spam is considered by many to be the scourge of the Internet. It is certainly a costly problem, both in time and in the costs organizations expend to fight it.

 

Personally, I spent some time the last few weeks looking at spam and learning about how it is created and how it spreads. What I found was a very interesting and clever process that would-be spammers use to identify targets.

 

Article

[TheFiresInTheSky]

ive seen the one with forums happen.

i signed up on a site and the site got hacked.

later that week i started getting about 100 messages a week.

from then on, i have 2 email addresses.

[Humpty]

Funny thing is I use my yahoo email account to sign up to forums and never get any spam,or hardly ever.

 

Now my 2 private email addresses through my ISP using Outlook express attract about 10 a day.

 

The spam never gets on to my pc as I use a program called Palmail that shows me what mail is at my server and can delete all the crap there.

 

Then I open OE to retrieve any good mail.

 

Those spammers are a pain in the Rs.

 

Anyone know how to knock em for six?LOL

[Eldmannen]

A couple of methods is that they use a name-list which mass spend names from a text file to many domains, example alice@example.com, bob@example.com, charlie@example.com and it has lots of common names.

 

Another method they use is e-mail address harvesting. They have a bot that browse websites and look for email addresses by identifying patterns of text that looks like an e-mail addess, ex. [a-z0-9\-\.]@[a-z0-9\-].[a-z]{2,4} which is like *@*.* in wildcards. You can protect yourself from this using "address munging".

 

They also send a spam to you, which say "send a email if you don't wish to receive any further email", when you send them an email, it puts your email address in the "people who read email"-list and spams you even more as they know it is a valid email address that is being read.

 

Spammers also buy/sell CD's of large amount e-mail addresses, which are usually alphabetically ordered or sorted by TLD (top level domain) name. So sometimes an email starting with the letter Z gets less spam than one that starts with an A.

 

About Outlook Express, it is often said to be main ways that worms propagate. When you get a spyware or a worm, the first thing it does is to check your Outlook Express addressbook and send itself there in the case of a worm, or check it, and relay it to the author in case of spyware. The security in Outlook Express is often touted as poor and it has an history of being exploited via buffer overflows in the e-mail header which allows for code to execute, this can happen even if you don't open the email letter. Using an web-based service or using Mozilla Thunderbird would be much safer imho.

[TheFiresInTheSky]

ive also seen some attachments that send out the "virus" to everyone on your list then subscribes them for a bunch of spam sites.

luckily yahoo detects the threat of a virus in the attachment!

[Eldmannen]

It might be a good idea to have 2 email addresses. One for friends and contacts. One for when signing up to things, newsletters, subscriptions, forms, etc.

 

When signing up for things, it might be handy with a disposable one-time email address.

Such as Mailinator, spamgourmet, TrashMail, etc.

 

Wikipedia has an article on e-mail spam. Various methods to fight spam is whitelisting, blacklisting, greylisting, bayesian filtering, honeypots, address munging, etc.

 

I once made a PHP script that randomly generated a list of what appeared to be e-mail addresses to trash the databases of e-mail harvesting bots.

[TheFiresInTheSky]

nowadays, i try using one of those but it says to please use a real email account.

this happens on some forums and websites for me.

[Eldmannen]

nowadays, i try using one of those but it says to please use a real email account.

this happens on some forums and websites for me.

Yes, I have noticed this. Usually I tend to boycott those sites. But can also use a valid secondary e-mail address that is rarely used and only used for dubious stuff.