E-mail address harvesting!
For the uninitiated, this is one harvest producing the world’s worst invasive specie. SPAM.
SPAM, as an action means sending humongous number of unsolicited e-mail messages indiscriminately with less than charitable intentions which in most cases are downright fraudulent.
The main reason why SPAM continues to grow despite severe restrictions being put in place is that despite everything people say, one cannot really stop anyone in the world from communicating. It is as basic as writing a letter or talking over the phone.
Where then, is the problem?
The problem arises where the recipient has no intention of receiving the said communication but is never-the-less bombarded, day in and day out with communication which was never subscribed to. The Spammer send these mails with the express intention of eliciting a response which will again be used for further nefarious activities like sending spyware, viruses and ridiculous and sometimes, criminal schemes.
Spammers, for all their worth, find the going easy as they can send these mails for practically free. The data in most cases comes from illegal skimming also called harvesting. The only investment incurred is that of getting the right equipment which in any case can be easily found in public net cafes worldwide. One fact making their life easy is the relative anonymity the medium provides. Layers upon layers of security shall first get hold of the IP and the ISP which give enough time to the fraudster to shift base bag and baggage to a new site. Additionally, some regions of the world too offer easy operating with very, very lax system of policing and conviction.
The one thing Spammers are always on the look-out for are e-mail IDs. Since most of the intended activity in any case is fraudulent, it does not make sense procuring them from legal source. What next? Harvest your own catch!
Harvesting may involve, besides other forms, the following activity:
- The most obvious and easiest way to get e-mail IDs is to contact those in the same trade i.e. spammers.
- Use of specialized software call spambot on web pages and forums to obtain e-mail addresses from public forums.
- An ingenious though tedious way is to get hold of one valid address and build around it with bare minimum variations like email@example.com or firstname.lastname@example.org or email@example.com. This is purely shooting in the dark. If you end-up with live ID(s), you are in business!
- Recipient’s stupidity of falling for the worst of offers even if these seem meaningless like astro-services, songs, jokes, stock quotes etc. is also a source. Once into the inbox of a recipient, you worm your way to further e-mail IDs via a virus.
- Corporate sites invariably give some or the other IDs of people working there. The ingenious ones get a further list of employees therein and by working in permutation-combination, arrive at e-mail IDs that is still active.
- If the spammer is crafty, they too reverse-append. With correct address and names of people in their hands, they can try to get details of corporate IDs and send spam.
- E-mails in HTML form run the risk of bugs in the HTML codes which can help transmit e-mail IDs and address.
- One preferred way to get live e-mail IDs is to search the “unsubscribe” list.
- Selling data on the sly. Certain web-pages which facilitate the visitors to enter their details. These details can in real time be routed to the spammer who can thus get e-mail IDs in real time.
But then with so many filters in place, spamming is no more easy.
My 21 Guns salute to the Spam Fighters!