How Spammers Steal Your Email Address
Ever wonder who’s scraping your email from a website for spamming?
Project Honey Pot is a project that aims to analyze email harvesters by setting up honeypots on hundreds of thousands of websites. They have some interesting findings about the geographical source of harvesting and processing, sending patterns of different types of spammers, and email list management behaviors.
Email harvesters can be categorized into two types, termed “hucksters” and “fraudsters”.
Hucksters have a longer delay between the time they harvest the email address to the time a spam is sent there. They have more sophisticated harvesting algorithms, generally send a large volume of spam, and their emails typically sell a product.
Fraudsters almost immediately send a spam email once they harvest the email address. They send a small number of messages to each email address, and their emails typically involve some sort of fraud (phishing, “advanced fee” fraud, etc.).
My thoughts are that Hucksters are a more organized group of spammers that as a group create email lists, send bulk email, and sell products for profit. Meanwhlie, the fraudsters are simply individual spammers looking to make a quick buck.
The geographical origin of harvesters and spammers breaks down as follows,
Note that there seems to be some sort of apparent “outsourcing”, since Romania is the #2 country for harvesting but doesn’t appear in the top 10 for spamming.
So what are the most effective ways to munge (obscure your email address from harvesters) your email on a website?
- Putting the email address in an image
For the latest Project Honey Pot statistics, click here.
Prince, M. B., Holloway, L., Langheinrich, E., Dahl, B. M., & Keller, A. M. (2005). Understanding How Spammers Steal Your E-Mail Address: An Analysis of the First Six Months of Data from Project Honey Pot. Proceedings from CEAS ’05: Conference on Email and Anti-Spam. [PDF]