Previous entries
Next entries

May 10th, 2006

Directory Harvesting Attacks Explained: How Spammers are Stealing your Email Directory

By Yan Fortin
Contributing Writer, RealTechNews

Have you ever wondered about why you’ve started to receive SPAM mail barely 1 hour after creating yourself a brand new email address? You never gave this address to anyone, how could someone have learned about it? The guys at [Geeks Are Sexy] pubbed an article explaining how spammers can attack your email directory to harvest a list of existing addresses from it without you even knowing about it. They also provide you with a way to stop these attacks from happening, but this is only for people that are administrating their own SMTP servers.

Read the complete article over here.

Source: [Geeks Are Sexy]

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

5 comments to "Directory Harvesting Attacks Explained: How Spammers are Stealing your Email Directory"

  1. John Corliss says:

    EGAD! How many times do I have to tell people how to create an email address that can’t be hacked? Contact your ISP and have them change your user id into a randomized sequence of alphanumeric characters. For instance:

    1. BAD: jcorliss@fakeISP.com
    2. GOOD: e34jfu98s@fakeISP.com

    How hard is that to do? But it’s not the last step.

    If your ISP provides you with server space so you can set up a web page, DON’T DO IT unless the address to that webpage doesn’t contain your user ID.

    Also, tell EVERYBODY in your address book that you don’t want chain emails, fraud emails, *E-CARDS* (almost all e-card websites are simply email address harvesting scams) or for them to give your email address to ANYBODY without your permission. If you have any people in your address book who tend to ignore such requests, only provide them with a Yahoo or some other throw-away email address.

    If you’re active in Usenet, be sure to configure your news reader to use a fake email address for posting. Thunderbird will do this, for instance.

    Of coure, it’s common sense that you should only provide your throw-away email address, NEVER your main one, to any government agency or business.

    Besides, Yahoo does such a good job of filtering spam that I rarely get any in that account anyway. However, if the flood-gates ever do open, I will simply create another account and abandon the old one.

    These are some *common sense ideas* that have successfully lowered my daily spam rate from about 500 a day to one every other day (a cousin who will remain nameless sent me an e-card and the next time I change my email address, she will only get the Yahoo address.)

    May 11th, 2006 at 5:14 am

  2. Yan says:

    Great tips John, thanks for sharing!

    May 11th, 2006 at 5:37 am

  3. getelc says:

    eltrolgetou

    December 1st, 2007 at 12:31 pm

  4. getelc says:

    eltrolgetou

    December 1st, 2007 at 12:32 pm

  5. getelc says:

    eltrolgetou

    December 1st, 2007 at 12:32 pm

Leave a comment