Spam is amazing. In an unprecedented and astonishing effort, junk email reaches almost everybody online.
All it takes to get on the mailing lists used by spammers is an email address. There is no need to sign up for anything or ask for emails. The spam just starts coming, out of nowhere, apparently without any plan, and without a reason. It invades email addresses that are never used.
But how do spammers discover email addresses? How do they find your mailbox when your best friend does not?
Dictionary Attack
Big free email providers like Hotmail or Yahoo! Mail are a spammer's paradise, at least when it comes to finding spammable addresses.
Millions of users share one common domain name, so you already know that ("hotmail.com" in the case of Hotmail).
Try to sign up for a new account and you will discover that guessing an existing user name is not difficult either. Most short and good names are taken.
So, to find email addresses at a large ISP, it's enough to combine the domain name with a random user name. Chances are both "asdf1@hotmailcom" and "asdf2@hotmail.com" exist.
To beat this kind of spammer attack, use long and difficult addresses.
Brute Searching Force
Another tactic employed by spammers to discover email addresses is to search common sources for email addresses. They have robots scanning web pages and following links.
These address harvesting bots work a lot like the search engines' robots, only they're not after the page content at all. Strings with '@' somewhere in the middle and a top-level domain at the end are all the spammers are interested in.
While not picky, the pages the spammers are particularly keen to visit are web forums, chat rooms and web-based interfaces to usenet because lots of email addresses are likely to be found there.
This is why you should disguise your email address when you use it on the net or, better yet, use disposable email addresses.
If you post your address on your own web page or blog, you can encode it so visitors who want to send you an email can see and use it, but spambots cannot. Again, using a disposabe address provides a very effective and at the same time convenient alternative.
All it takes to get on the mailing lists used by spammers is an email address. There is no need to sign up for anything or ask for emails. The spam just starts coming, out of nowhere, apparently without any plan, and without a reason. It invades email addresses that are never used.
But how do spammers discover email addresses? How do they find your mailbox when your best friend does not?
Dictionary Attack
Big free email providers like Hotmail or Yahoo! Mail are a spammer's paradise, at least when it comes to finding spammable addresses.
Millions of users share one common domain name, so you already know that ("hotmail.com" in the case of Hotmail).
Try to sign up for a new account and you will discover that guessing an existing user name is not difficult either. Most short and good names are taken.
So, to find email addresses at a large ISP, it's enough to combine the domain name with a random user name. Chances are both "asdf1@hotmailcom" and "asdf2@hotmail.com" exist.
To beat this kind of spammer attack, use long and difficult addresses.
Brute Searching Force
Another tactic employed by spammers to discover email addresses is to search common sources for email addresses. They have robots scanning web pages and following links.
These address harvesting bots work a lot like the search engines' robots, only they're not after the page content at all. Strings with '@' somewhere in the middle and a top-level domain at the end are all the spammers are interested in.
While not picky, the pages the spammers are particularly keen to visit are web forums, chat rooms and web-based interfaces to usenet because lots of email addresses are likely to be found there.
This is why you should disguise your email address when you use it on the net or, better yet, use disposable email addresses.
If you post your address on your own web page or blog, you can encode it so visitors who want to send you an email can see and use it, but spambots cannot. Again, using a disposabe address provides a very effective and at the same time convenient alternative.
