Email-address harvesting: Difference between revisions
EnviroGranny (talk | contribs) →External links: *[http://news.yahoo.com/s/ap/spam_harvester_lawsuit;_ylt=A0WTUc9k7zFGeC0AwQ8DW7oF Yahoo News: Lawsuit targets 'spam harvesters'] |
|||
| Line 12: | Line 12: | ||
*A [http://www.projecthoneypot.org/bots_and_servers.php list of the current top-25 IP addresses used for e-mail harvesting], as identified by [[Project Honey Pot]] |
*A [http://www.projecthoneypot.org/bots_and_servers.php list of the current top-25 IP addresses used for e-mail harvesting], as identified by [[Project Honey Pot]] |
||
*A [http://www.projecthoneypot.org/top_dictionary_attackers.php list of the current top-25 IP addresses used for e-mail dictionary attacks], as identified by [[Project Honey Pot]] |
*A [http://www.projecthoneypot.org/top_dictionary_attackers.php list of the current top-25 IP addresses used for e-mail dictionary attacks], as identified by [[Project Honey Pot]] |
||
* [http://www.projecthoneypot.org/httpbl.php http:BL] allows website administrators to block known email address harvesters and other malicious robots identified by [[Project Honey Pot]]. An [http://www.projecthoneypot.org/httpbl_api.php API] for the service is also available for developers. |
|||
* [http://www.spamlaws.com/ Spam laws] |
* [http://www.spamlaws.com/ Spam laws] |
||
*[http://news.yahoo.com/s/ap/spam_harvester_lawsuit;_ylt=A0WTUc9k7zFGeC0AwQ8DW7oF Yahoo News: Lawsuit targets 'spam harvesters'] |
*[http://news.yahoo.com/s/ap/spam_harvester_lawsuit;_ylt=A0WTUc9k7zFGeC0AwQ8DW7oF Yahoo News: Lawsuit targets 'spam harvesters'] |
||
Revision as of 06:01, 5 May 2007
E-mail harvesting is the process of obtaining lists of e-mail addresses for use in bulk e-mail or other purposes usually grouped as spam. Methods range from purchasing lists of e-mail addresses from other spammers to the more common use of special software, known as "harvesting bots" or "harvesters", which scan Web pages, postings on Usenet, mailing list archives, and other online sources to obtain e-mail addresses.
Spammers may also use a form of dictionary attack in order to harvest e-mail addresses. For example, a spammer may send messages to adam@example.com, betty@example.com, carl@example.com, and so on. Any addresses to which messages are delivered, instead of being bounced back, the spammer can then add to his or her sending list. It typically takes between few seconds and 5 or so minutes for an invalid domain or inexistent mail address to bounce back to sender's mail.
Another form of e-mail address harvesting is to offer a product or service free of charge as long as the user provides a valid e-mail address, and then use the addresses collected from users as spam targets. A common tactic as of 2006 is to offer "free" items (such as plasma TVs or iPods) to participants who get a certain number of their friends to sign up; as in a classical pyramid scheme, most participants never receive any of the rewards.
Legality
In Australia, the creation or use of email-address harvesting programs (address harvesting software) is illegal according to the 2003 anti-spam legislation. [1] [2]. The legislation is intended to prohibit emails with 'an Australian connection' - spam originating in Australia being sent elsewhere, and spam being sent to an Australian address.
External links
- A Federal Trade Commission warning about e-mail harvesting
- A list of the current top-25 IP addresses used for e-mail harvesting, as identified by Project Honey Pot
- A list of the current top-25 IP addresses used for e-mail dictionary attacks, as identified by Project Honey Pot
- http:BL allows website administrators to block known email address harvesters and other malicious robots identified by Project Honey Pot. An API for the service is also available for developers.
- Spam laws
- Yahoo News: Lawsuit targets 'spam harvesters'