Spammers Want Email Addresses? Let’s Give Them Some! - 3,257 Views, 3 Comments
|
Previous Article « New After-School Job: Phishing Mule
Read Next Article » This Site Will Scare You, But In a Good Way
Spammers are of course known for harvesting email addresses from websites, and then using those email addresses to build email lists, which they then sell to other spammers. Odds are that spammers are crawling all over your website right now, looking for email addresses for just that purpose. Most hints and tricks you will find are those which help you to protect and disguise email addresses which you put up on a website. But AuditMyPC.com has a different idea: why not give the spammers all the email addresses they want? The twist is, they are completely useless , non-existent email addresses. At non-existent domains so that there are no messy bounces to clean up, other than to the sending system.* Because spammers use automated software to harvest email addresses from websites, so long as the addresses have the correct email address format (text@text.xyz), the addresses will be added to the spammer’s mailing list. The idea is that this makes the mailing list less useful, particularly for purposes of selling. Who wants to pay good money for email addresses which don’t even exist? And what happens to a spammer who gets a reputaton for selling mailing lists full of fake addresses. Ewww..that isn’t pretty. AuditMyPC.com has set up a url which you can include on your website, and which links directly to a page full of such addresses, just waiting to be harvested by spammers. And for those extra-greedy spammers, there is even a link at the bottom of the page, leading to another page full of… yep, you got it… more fake email addresses, with another link at the bottom of the page, and so on. *A huge amount of spam is sent from compromised computers, meaning that bounces generated by the spam being sent to the non-existent accounts will come not to the spammer, but to the owner of the compromised system. It is left as an exercise for the reader to decide whether that is an undue burden on the owner of the compromised system, or a wake-up call, or both. For more information about AuditMyPC’s idea, see http://www.auditmypc.com/freescan/antispam.html.
Follow Anne on
Twitter 
Friend Anne on Facebook
The good folks over at AuditMyPC.com have a very interesting idea.
Spammers Want Email Addresses? Let’s Give Them Some!
Twitter Explained in Plain English
Previous Article « New After-School Job: Phishing Mule
Read Next Article » This Site Will Scare You, But In a Good Way
Read more:
» Help Trap Spammers in a Sticky Situation with Project Honeypot!
» Anti Spammers are Lamers, Says Spammer
» Former AOL Employee Who Sold Email Addresses Facing Two Years in Prison
» Microsoft Sues Spammer’s Web Hosting Provider
For additional similar stories check out our archives on Good Guys, Spam
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
This is actually a pretty old idea. See Sugarplum and WPoison for other examples, or search Google for “spam poison”
Where I work, we’ve had a spam poison section for about two years with a mix of (a) spamtrap addresses, (b) completely bogus addresses, and (c) random garbage designed to keep the harvesters busy. It doesn’t get very many hits, but a few spammers do target those spamtrap addresses, so someone’s harvesting it.
On the subject of bounces, they really aren’t likely to go to the zombies. Either the zombie will see an SMTP rejection code, which takes up as much bandwidth as an accept code, or the bounce will be sent to the (forged) return address, which is likely to be garbage itself or a third-party joe-job victim.
Comment by Kelson — 1/6/2005 @ 10:27 am
The folks who sell lists of e-mail addresses still charge by the address, so schemes like this actually just put more money in their pockets. It’s a waste of time, folks — always has been.
Comment by J.D. Falk — 1/6/2005 @ 12:15 pm
Popcorn.net keeps popping up on my screen and it takes about 90 seconds before I can close it. (there is no X on original popup) It is driving me CRAZY. Who can I complain to and how can I get an address of popcorn.net.
Comment by Jack McCullough — 8/21/2006 @ 9:57 am