Email address harvesting - How spammers steal your email address - Email harvesting |
 |
|
|
How Spammers Steal Your Email Address - Learn how spammers obtain your e-mail address!
|
|
In order to send spam, spammers need to obtain the e-mail addresses of the intended recipients. To this end, both spammers themselves and list merchants gather huge lists of potential e-mail addresses. Since spam is, by definition, unsolicited, this address harvesting is done without the consent (and sometimes against the expressed will) of the address owners. As a consequence, spammers' address lists are inaccurate. A single spam run may target tens of millions of possible addresses -- many of which are invalid, malformed, or undeliverable.
Spam differs from other forms of direct marketing in many ways, one of them being that it costs little more to send to a larger number of recipients than a smaller number. For this reason, there is little pressure upon spammers to limit the number of addresses targeted in a spam run, or to restrict it to persons likely to be interested. One consequence of this fact is that many people receive spam written in languages they cannot read — a good deal of spam sent to English-speaking recipients is in Chinese or Korean, for instance. Likewise, lists of addresses sold for use in spam frequently contain malformed addresses, duplicate addresses, and addresses of role accounts such as postmaster.
Spammers may harvest e-mail addresses from a number of sources. A popular method uses e-mail addresses which their owners have published for other purposes. Usenet posts, especially those in archives such as Google Groups, frequently yield addresses. Simply searching the Web for pages with addresses — such as corporate staff directories — using spambots can yield thousands of addresses, most of them deliverable. Spammers have also subscribed to discussion mailing lists for the purpose of gathering the addresses of posters. The DNS and WHOIS systems require the publication of technical contact information for all Internet domains; spammers have illegally trawled these resources for email addresses. Many spammers utilize programs called web spiders to find email addresses on web pages. Usenet article message-IDs often look enough like email addresses that they are harvested as well.
Spammer viruses may include a function which scans the victimized computer's disk drives (and possibly its network interfaces) for email addresses. These scanners discover email addresses which have never been exposed on the Web or in Whois. A victimized computer located on a shared network segment may capture email addresses from traffic addressed to its network neighbors. The harvested addresses are then returned to the spammer through the bot-net created by the virus.
A recent, controversial tactic, called "e-pending", involves the appending of e-mail addresses to direct-marketing databases. Direct marketers normally obtain lists of prospects from sources such as magazine subscriptions and customer lists. By searching the Web and other resources for e-mail addresses corresponding to the names and street addresses in their records, direct marketers can send targeted spam e-mail. However, as with most spammer "targeting", this is imprecise; users have reported, for instance, receiving solicitations to mortgage their house at a specific street address — with the address being clearly a business address including mail stop and office number.
A more recent controversal tactic, should be called "triggered spam", so called "Postcard Services", e.g., are catching online consumers to have them send so called "Postcards" with more or less commercial content to redirect the recipients back to the sites of these "Postcard Services", mostly full of commercial advertisements and marketing data harvesting systems, which are received by the "Postcard" recipients in most cases unsolicitedly and without their consent, who are not subscribers of such a "Postcard Service".
Spammers sometimes use various means to confirm addresses as deliverable. For instance, including a Web bug in a spam message written in HTML may cause the recipient's mail client to transmit the recipient's address, or any other unique key, to the spammer's Web site.
Likewise, spammers sometimes operate Web pages which purport to remove submitted addresses from spam lists. In several cases, these have been found to subscribe the entered addresses to receive more spam.
When you fill out a form it is often sold to a spammer using a web service or http post to transfer the data. This is immediate and will drop the email in various spammer databases. The revenue made from the spammer is shared with the source. For instance if you ran an online mortgage, or signed up for a loan the owner of this site is likely to make a deal with the spammer to sell the address. These are considered the best emails by spammers because they are fresh and the user just signed up for a site that does well with spam anyway.
Sometimes, if the sent spam is "bounced" or sent back to the sender by various programs that eliminate spam, or if the recipient clicks on a unsubscribe link, that may cause that email address to be marked as "valid". Most of the time this is the case, although sometimes clicking will actually unsubscribe that email.
|
|
Copyright © 2007 SpamAlert.org, All rights reserved.
|