According to Eran Reshef, the chief executive and co-founder of Blue Security, sophisticated and smart spammers are harvesting e-mail addresses from systems linked to P2P networks via such software as eDonkey 2000 and Gnutella.
They’re going into P2P networks and harvesting addresses accidentally shared, then spamming every address they find,” said Reshef.
P2P harvesting is very different from the better-known directory harvest attack (DHA), which is when spammer’s flood mail servers with thousands of address variations, hoping to get a response when a valid address is queried. P2P harvesting relies on novice file-sharing users who mistakenly set their software to share more than just one or two directories on their PC.
“All it takes is one person you know, who you’ve sent an e-mail address,” said Reshef. “This friend of yours has your e-mail address somewhere in his files, likely in his Outlook .pst file. He doesn’t know P2P, and rather than share just some songs, sets the file-sharing software to share his entire hard drive, including his Outlook .pst file for spammers to find and see.”
All a spammer has to do, added Reshef, is connect to a file-sharing network and then search for strings such as “email” or “e-mail” or “Outlook.pst.”
Read the complete story @ Information Week
Related Posts
- Report: Spammers Shift to Blogs and IM
- America Online Sues Spammers
- U of Chicago Professor Questions RIAA’s Use of IP Addresses in Lawsuits
- HotP2P: Bye-Bye to 3rd Party Servers / Static IP Addresses / Dynamic DNS Services
- French Court – File-Sharer’s IP Addresses Were Illegally Obtained, Conviction Overturned
Loading ...
