« Florida Hurricane Alerts Treated as Spam by AOL | Main | FrontBridge Reports Spam at 94% of All Email »

May 5, 2005

Spammers Using P2P to Harvest Email Addresses

Just when you thought it was safe to go back into the water, having protected your email address in all the places it might appear publicly, such as your Web site, this CircleID article on P2P address harvesting, quoting a study done by Blue Security, suggests that spammers are grabbing addresses from poorly configured P2P sharing setups.

This is nothing new, of course, the idea of somehow protecting your email address from harvesting when you already communicate with people whose systems are insecure (and hence vulnerable to intentional harvesting or inadvertent exposure through mass-mailing viruses) is ludicrous. But the important aspect of this new strategy is that it not only exposes your address, but also the contexts in which it occurs naturally. Now, instead of just being able to spam you, the spammers can correlate your address to others in the same mailbox, and can send you mail purporting to be "from" your maiden aunt or boss, thereby making use of your local whitelists and filters to bypass spam filtering. Until some form of sender authentication is adopted, this is going to be the way of the world. And there's no guarantee that even that will solve this problem.

Posted by schampeo at May 5, 2005 1:37 PM

Search Blog

Browse

• Archives
• Categories
  • antispam in practice
  • consortiae
  • gripes
  • history
  • legal
  • news
  • privacy
  • project
  • security
  • spammers
  • studies and statistics
  • tactics
  • tools
  • viruses and worms

Feeds

• RSS
• ATOM

• Classifications
• News
• Request Eval