AfterDawn: Tech news

Spammers looking for email addresses on P2P networks

Written by James Delahunty (Google+) @ 19 Apr 2005 16:38 User comments (12)

Spammers looking for email addresses on P2P networks Spammers now have a new source of real email addresses. They are taking advantage of the fact that some novice P2P users accidentally share private directories on P2P networks like eDonkey2000. In some cases, people intentionally share their entire HDD's to boost the amount of data they are sharing on some P2P software that has minimum requirements for shared files. So some spammers got clever and decided to search for strings like "email" or "e-mail" or "Outlook.pst".
"They're going into P2P networks and harvesting addresses accidentally shared, then spamming every address they find," said Eran Reshef, the chief executive and co-founder of Blue Security. Spammers usually use Directory Harvest Attacks, where they flood mail servers with thousands of address variations, hoping to get a response when a valid address is queried. Harvesting on P2P networks is not that complicated either, and even if you don't have your email address shared, some one of your friends might have yours shared accidentally.

"All it takes is one person you know, who you've sent an e-mail address," said Reshef. "This friend of yours has your e-mail address somewhere in his files, likely in his Outlook .pst file. He doesn't know P2P, and rather than share just some songs, sets the file-sharing software to share his entire hard drive, including his Outlook.pst file for spammers to find and see." Blue Security set up 500 virgin e-mail accounts, listed those addresses in several files on a PC connected to the eDonkey2000 and Gnutella file-sharing networks, and shared the directories the files were in.

Only 1 day later the addresses had received over 100 pieces of spam. After three days, that number had risen to 300 and after two weeks the addresses were collecting about 100 a day. "Addresses found in a P2P harvest are likely to be spammed for a long time as the addresses are harvested and re-harvested by new spammers," said Reshef. "They're likely to stay on the network and simply circulate." However, for now the spammers can be sure that the email addresses they receive harvesting P2P networks are probably real.

The best thing to recommend for users is to make sure you are not sharing any private directories; this is easily achieved by not sharing that many folders, and by creating specific folders just for the purpose of sharing files and nothing else. Maybe we should fight back by sharing Outlook.pst files with thousands of fake email addresses? Just to make it a headache for spammers to find real addresses.


Previous Next  

12 user comments

119.4.2005 16:45

good thing I don't share my e-mail on p2p networks.

This message has been edited since its posting. Latest edit was made on 19 Apr 2005 @ 16:45

219.4.2005 16:54

thats the whole point, you dont have to be sharing your email address, if someone has your email address in a contact list, chances are it could be found through a P2P network if they have messed up shared directories!

319.4.2005 18:00

I don't chat with people on my e-mail, just call them... and no one that I know uses p2p.

419.4.2005 18:03

ah you're pretty safe then man :-) I wasnt really talking about "you" personally though in my reply, just a ossibility that could affect anyone in general!

519.4.2005 18:15

ok thats good. The only place that I chat is here.

619.4.2005 18:26

I hate when people share their entire damn hard drive. They deserve the spam.

719.4.2005 18:30

malcdogg, u r right. If they are that damn dumb then more power to the spammers.

819.4.2005 18:42

malcdogg, u r right. If they are that damn dumb then more power to the spammers.
Well I agree that sharing an entire HDD is very stupid, but I would not like to see these people hit by spammers for one simple reason. Take the outlook.pst file for example - some guy could have one containing 1000 email addresses of his customers or clients etc... he probably wont get spammed himself as he probably wont have his own email address in his little address book, but all the 1000 email addresses will! Not only the person who is sharing the full HDD will be fucked by this. Then there is also the problem that some P2P software searches HDDs for files that it believes are "media" files that can be shared, could be possible that more files are put at risk this way. Also I wonder if you would find any logs of private discussions between people ;-) I already searches eD2K for efnet.log and found a couple of private discussions - irc script would log PM's like for example - Dela.Efnet.log if you were talking to me on IRC!

920.4.2005 5:58

Jesus. Will this ever end?

1020.4.2005 10:54

My smart filter takes out 98% of all junk mail so I never really had any problem with my email being public. People need better spam filters.

1119.10.2005 12:25

what a good spam filter?

1219.10.2005 13:15

Has anyone ever tried soulseek? its good for rare stuf but can just sift through peoples hard drives on that thing!!

Comments have been disabled for this article.

News archive