Spammers looking for email addresses on P2P networks

Spammers now have a new source of real email addresses. They are taking advantage of the fact that some novice P2P users accidentally share private directories on P2P networks like eDonkey2000. In some cases, people intentionally share their entire HDD's to boost the amount of data they are sharing on some P2P software that has minimum requirements for shared files. So some spammers got clever and decided to search for strings like "email" or "e-mail" or "Outlook.pst".

"They're going into P2P networks and harvesting addresses accidentally shared, then spamming every address they find," said Eran Reshef, the chief executive and co-founder of Blue Security. Spammers usually use Directory Harvest Attacks, where they flood mail servers with thousands of address variations, hoping to get a response when a valid address is queried. Harvesting on P2P networks is not that complicated either, and even if you don't have your email address shared, some one of your friends might have yours shared accidentally.

"All it takes is one person you know, who you've sent an e-mail address," said Reshef. "This friend of yours has your e-mail address somewhere in his files, likely in his Outlook .pst file. He doesn't know P2P, and rather than share just some songs, sets the file-sharing software to share his entire hard drive, including his Outlook.pst file for spammers to find and see." Blue Security set up 500 virgin e-mail accounts, listed those addresses in several files on a PC connected to the eDonkey2000 and Gnutella file-sharing networks, and shared the directories the files were in.

Only 1 day later the addresses had received over 100 pieces of spam. After three days, that number had risen to 300 and after two weeks the addresses were collecting about 100 a day. "Addresses found in a P2P harvest are likely to be spammed for a long time as the addresses are harvested and re-harvested by new spammers," said Reshef. "They're likely to stay on the network and simply circulate." However, for now the spammers can be sure that the email addresses they receive harvesting P2P networks are probably real.

The best thing to recommend for users is to make sure you are not sharing any private directories; this is easily achieved by not sharing that many folders, and by creating specific folders just for the purpose of sharing files and nothing else. Maybe we should fight back by sharing Outlook.pst files with thousands of fake email addresses? Just to make it a headache for spammers to find real addresses.

Source:
InformationWeek

Written by: James Delahunty @ 19 Apr 2005 16:38

Advertisement - News comments available below the ad

12 comments

philipman

good thing I don't share my e-mail on p2p networks.

19.4.2005 16:45 #1

Dela

thats the whole point, you dont have to be sharing your email address, if someone has your email address in a contact list, chances are it could be found through a P2P network if they have messed up shared directories!

19.4.2005 16:54 #2

philipman

I don't chat with people on my e-mail, just call them... and no one that I know uses p2p.

19.4.2005 18:00 #3

Dela

ah you're pretty safe then man :-) I wasnt really talking about "you" personally though in my reply, just a ossibility that could affect anyone in general!

19.4.2005 18:03 #4

philipman

ok thats good. The only place that I chat is here.

19.4.2005 18:15 #5

malcdogg

I hate when people share their entire damn hard drive. They deserve the spam.

19.4.2005 18:26 #6

c4iscool

malcdogg, u r right. If they are that damn dumb then more power to the spammers.

19.4.2005 18:30 #7

Dela

Quote:malcdogg, u r right. If they are that damn dumb then more power to the spammers.Well I agree that sharing an entire HDD is very stupid, but I would not like to see these people hit by spammers for one simple reason. Take the outlook.pst file for example - some guy could have one containing 1000 email addresses of his customers or clients etc... he probably wont get spammed himself as he probably wont have his own email address in his little address book, but all the 1000 email addresses will! Not only the person who is sharing the full HDD will be fucked by this.

Then there is also the problem that some P2P software searches HDDs for files that it believes are "media" files that can be shared, could be possible that more files are put at risk this way.

Also I wonder if you would find any logs of private discussions between people ;-) I already searches eD2K for efnet.log and found a couple of private discussions - irc script would log PM's like for example - Dela.Efnet.log if you were talking to me on IRC!

19.4.2005 18:42 #8

climbhigh

Jesus. Will this ever end?

20.4.2005 05:58 #9

SkyDomain

My smart filter takes out 98% of all junk mail so I never really had any problem with my email being public.
People need better spam filters.

20.4.2005 10:54 #10

guinnyss

what a good spam filter?

19.10.2005 12:25 #11

Lethal_B

Has anyone ever tried soulseek? its good for rare stuf but damn...you can just sift through peoples hard drives on that thing!!

Please Excuse me, I speak no Finnish! :)
Brand new Ipod forum!http://forums.afterdawn.com/forum_view.cfm/159
Converting Video For The New Ipod?? check my small, easy-to-follow guide http://forums.afterdawn.com/thread_view.cfm/244629

Bittorrent Quick Starter
1. Get a Client - recommend Azureus - http://azureus.sourceforge.net/
2. Make sure you are sufficiently protected from fake files and ''other stuff''
Get Peerguardian2
http://www.softpedia.com/get/Security/Firewall/Peer-Guardian-Pr.shtml
3. Do you have a router or a firewall?? Port Forward http://www.portforward.com/routers.htm
4. Search for Music, Movies, Games etc. These can be found on Torrent sites - pick of the bunch are -
http://www.torrenttyphoon.com/
http://www.isohunt.com/
http://www.thepiratebay.org/

19.10.2005 13:15 #12

AfterDawn: News