Slashdot Mirror

← Back to Stories (view on slashdot.org)

DSLReports Study: 8 Hours 'til the Spam Hits

Posted by timothy on from the upcoming-spam-death-of-the-universe dept.

Masem writes: "In a rather interesting study at DSLReports, it was observed that email addresses published on a web site recieved spam within 8 hours of being posted, showing how aggressive the harvesters are working. In particular, a special link was set up on the main page that by following the link, the site generated an email address that was trackable to the IP that called the link, and not published anywhere else at any time. In the specific case, in only 8 hours after the email address was created, it had recieved spam; since that time about 9 months ago, it's gotten around 100 pieces. Given the time and source of most of the emails, the authors believe that they've simply got someone at one end of a home broadband pipeline using open relay mail servers, and most likely being paid to redistribute spam on the email addresses they harvest."

20 of 333 comments (clear)

  1. Lockheed Marin by irony+nazi · · Score: 4, Insightful

    When I started working for Lockheed Martin, I had 4 spam emails in my mailbox that was delivered prior to my first day of work. In addition to this, I had 2 personal (they seemed personal IT related) job offer emails in my mailbox, also from prior to my first day of work. Both from recruiting companies.

    --

    Bringing irony to the Slash-masses
  2. I think the summary is misleading... by Tom7 · · Score: 4, Interesting


    The email address wasn't harvested 8 hours after being posted, it was sent spam 8 hours after being harvested.

    What would be more interesting is to find out how long it takes with your address on the web before it gets entered into the various lists...

  3. Very interesting by InterruptDescriptorT · · Score: 5, Interesting

    While this study is very interesting, what I'd like to see more posted about is how often an e-mail address, unpublished on the Web but used for e-commerce, becomes the target for spam. Whenever I post something where the e-mail address goes up on a Web page, I sufficiently de-spamify it so that the harvesters won't know what to do with it (i.e. it's an obfuscated form of my address). But what really gets me is when I used my e-mail address for getting e-commerce confirmations, important for verifying orders, etc., and find that address the target of spam, even when I decline it.

    I also find it handy to have a 'spamdrop' account, which is just another e-mail alias on my host, for signing up for one-off things, like chat, games, etc. That account fills up incredibly quickly; I receive on the order of 50 spams/day at that address. Wow...

    --
    Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)
    1. Re:Very interesting by kubrick · · Score: 5, Insightful

      Altogether though, ebay remains the absolute worst place to get your address harvested, with usenet a close second.

      Ebay must be lucrative for spammers; a whole 'audience' of people either with money to spend (buyers), or who are about to have money to spend (sellers). And this 'audience' has already self-selected; they're not afraid to spend their money online...

      --
      deus does not exist but if he does
  4. Re:Hmm... by dagoalieman · · Score: 5, Interesting

    How about we put FBI and CIA email addresses up, or *.gov, and see how long until the spammers are raided?? I bet it could even be before that first spam gets out if we use the right addresses/web links..

    I bet that time period for harvesting goes down pretty quick.. :)

    .

    --
    We don't need no Net Explorer We don't need no Thought control
  5. Re:To Spammer, please Harvest these addresses: by hendridm · · Score: 5, Insightful

    Hmmm, using these sorts of e-mail addresses can lead to annoyances to legitimate domain owners. For awhile I remember the owner of junk.com, which seems to no longer exist, posting complaints about people type "whatever@junk.com" when they register software. It seems his servers were hit or something.

    I always like to use the webmaster's e-mail account when registering software. For example, if I was registering software on widgets.com, I might use the e-mail address "webmaster@widgets.com" or "abuse@widgets.com" to register the software.

    I feel torn, as I want to support free software vendors by allowing them to make money, but I just don't want my e-mail address to be sold for spam. Ever. I also don't want those annoying newsletters that I could care less about unless I *explicitely* ask for it (and not be tricked or required by default).

  6. New use for this? by iamplasma · · Score: 5, Interesting

    Could this technique be changed. Rather than generating a mailbox for the spam to go to, based on IP, instead generate the abuse address for the IP's netblock owner.

    That way, whoever is running the spider can start spamming direct to the abuse address, saving the site owner from having to report them. :)

  7. Re:To Spammer, please Harvest these addresses: by keesh · · Score: 5, Insightful

    I tend to go for postmaster@localhost, or, failing that, postmaster@127.0.0.1. You can also try other names -- root and webmaster are also good fun.

  8. Re:Hmm... by no+reason+to+be+here · · Score: 5, Informative

    the e-mail address is uce@ftc.gov

    --
    my pet machine
  9. Solution? by gnovos · · Score: 5, Interesting

    Does suing spammers work? For example, if you made a web-page that CLEARLY reads: If you agree to pay me $52,000, please send email to foo@bar.com. Consent of this contract will be shown by sending an email to that address, regardless of content.

    Post this email NOWHERE else. Wait for a spider to come around and harvest... Is such a contract legally binding? I would think it would be, considering you can make online-payments and such, and those contracts are binding (i.e. if you promise to pay Amazon for your book, you have to do it, right?)

    --
    "Your superior intellect is no match for our puny weapons!"
  10. sneakemail by doofsmack · · Score: 4, Informative

    That's exactly why I use sneakemail. It gives you a random email address like asjglkjg176489@sneakemail.com. When an email is sent there, it goes to your inbox. You can have as many aliases as you want (They suggest 1 per site you sign up with). If you receive spam on one of them, you can just disable that alias. It's really great.

  11. Mod this question up, please. by Lendrick · · Score: 4, Interesting

    How exactly does someone running a standard Windows install go about faking an email bounce? Or on Linux?

    Lendrick

  12. Re:To Spammer, please Harvest these addresses: by foobar104 · · Score: 5, Interesting

    I remember the owner of junk.com, which seems to no longer exist, posting complaints about people type "whatever@junk.com" when they register software. It seems his servers were hit or something.

    A good alternative is to use the domain "example.com." IANA (Internet Assigned Numbers Authority) holds the names "example.*" in reserve for use as (you guessed it) examples. It's been that way since at least 1995.

    So an email of the form "foo@example.com" is perfectly valid... and can never be the recipient of email.

  13. Spam by unique email address by slashdot.org · · Score: 5, Interesting

    I've been using the 'theirname@mydomain.com' technique whenever I provide an email to on-line stores.

    I was amazed when I started receiving spam on 'premaritalagreement.com@mydomain.com' (only the mydomain is fake!) and I contact the people and they denied everything. But at least you can ban that email address and ban the company.

    On the other hand it's funny when (for some reason) the company calls you to verify something, and they go over all the stuff and then get to the email. There was one person that just didn't get it: 'yeah, but that's OUR email address', recognizing her companies name. :o)

    For those reasons some people generate an obfuscated (rot-13 for example) address.

    In any case, the sad thing is that there's not much you can do against the companies that sell your email address, legally...

  14. Re:telemarketers by TheFlu · · Score: 5, Informative
    I have a similiar experience. I recently started participating in Spamcop.net's blacklisting effort...a few days after I started submitting SPAM to be blacklisted, for some reason, my daily SPAM intake has tripled. I'm not sure if it's just coincidence or what, but it doesn't please me. I hate to think of the reason why this has happened...


    I'm seriously considering moving my mail servers over to using TMDA, which I hear stops about 99% of SPAM. At this point, I have to do something.

    --

    --It's Pimptastic!--

  15. Re:To Spammer, please Harvest these addresses: by Roundeye · · Score: 4, Funny
    I always use real addresses, just those of the people I think more likely to be interested in cheap Viagra, weight loss, and 12-year old girls:
    hotline@mpaa.org and cdreward@riaa.org.

    --
    "Cause there's 40 different shades of black, so many fortresses and ways to attack, so why you complainin'?"
  16. Re:How? by Restil · · Score: 4, Interesting

    From what it sounds like. spammers delegate spamming to smaller, entities. Each of these enitites constantly scans its own set of pages, then sends spam to every address it finds. It might keep a list that it updates a master list with, or it might not. But the harvesting and spamming is done from many boxes on many networks.

    This means, if there are enough of them, you could easily scan several tens of thousands of pages every day with little difficulty. And if one or even many of them get shut down, the spamming operation is not affected much. This is probably the first good example of a distributed network for profit. Too bad its such a slimy one.

    -Restil

    --
    Play with my webcams and lights here
  17. Obfuscated html by rsidd · · Score: 5, Insightful

    I use html code in my email address on my web page, like this:

    &#114&#115idd@yah&#111&#11 1.c&#111&#109

    Amazingly, not a single spammer has gotten hold of it yet, in over a year; whereas, unobfuscated
    addresses used only once, on mailing list archives for example, are picked up immediately.

    Obviously these spambots aren't so intelligent.

  18. Yes, or at least it used to. by aussersterne · · Score: 5, Interesting

    In 1997, I worked for a very small travel company that decided to try its hand at SPAM. Of course, take this anecdote for what it's worth (it *was* five years ago).

    They set up a small server that would just browse around the Web and usenet harvesting e-mail addresses wherever they could be found. The first week they sent out about 80,000 pieces of e-mail per day. They got tons and tons of hate mail in return but also a few hits. The first day, there were about 60 sales of a $69.99 "travel club membership" product (essentially a hotel and airline coupon book), and by that Friday they were up to over 200 sales a day thanks to the SPAM. Totals for the week were something like 350,000 e-mails sent and 900 sales for a total of about $63,000 in revenue that week thanks to SPAM. The coupon book itself wasn't all that expensive -- the deals were promotional and each book only cost the company something like $12.00, so the net was around $52,000 for the week. Not bad for a computer sitting in the corner with a $100 piece of software -- this likely explains why spammers stay at it.

    I left shortly thereafter so I don't really know whether they "stuck with it" or not, but it obviously can generate sales.

    --
    STOP . AMERICA . NOW
  19. One guy? by blair1q · · Score: 5, Funny

    One guy is the source of all the spam on the Internet?

    I say we've found a perfect target for testing that AC-130 Death Ray.

    --Blair