TELECOM Digest OnLine - Sorted: Re: Using Dilution to Fight Phishers

Re: Using Dilution to Fight Phishers

Barry Margolin (
Mon, 01 May 2006 20:15:16 -0400

In article <>, <> wrote:

> I've had a similar "dilution" system on my website for years, but this
> is for spammers harvesting email addresses. At the bottom of the page
> at is a list of randomly generated mailto
> email addresses. Ideally they have harvested millions of false email
> addresses off here and are wasting time sending to them.

I doubt this bothers them very much. Even without your dilution, I'll
bet most spam address lists have an enormous number of invalid
addresses. But they have lots of zombies in their botnets, so they
don't care about all the failed mail.

These days, one theory is that spammers are relying less on harvesting
addresses and more on generating them. They use "alphabet spam",
where they simply generate sequences of names like aaa@<domain>,
aab@<domain>, and so on. Also, if they've harvested <user>@<domain1>,
they add <user>@<domain2>, <user>@<domain3>, and so on. The reason we
think techniques are in use is because there are many cases where
someone will activate a new email address and immediately start
getting spam, before they've ever published the address anywhere; the
most obvious explanation is that the spammers generated the address
themselves (another possibility is that they picked an address that
was previously used by another customer).

Barry Margolin,
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

[TELECOM Digest Editor's Note: Yes, but just imagine, if every
legitimate netizen out there would make the effort to add five or
ten minutes of extra work to the load of their favorite spammer. You
are correct, Barry, no one single effort is ever going to rid the net
of all the vermin out there these days. As I see it, the only thing
which will/might work is to make life as difficult as possible for as
many spammer-scammers as possible. Distribution of spam-scam should
not be the _easy_ job it is now; it should become a very difficult
task. If one cannot easily distribute spam-scam because distribution
scheme A (employed by a large number of netters) makes it impossible;
scheme B will not work either; a large number of netters use that;
and so forth with schemes C, D, and E. Their mailing lists and
messege queues should be difficult to handle as they are for the rest
of us. If it became as difficult to make money peddling spam lists
and scam schemes as it is to run a decent mailing list, that would
make me happy. In other words, your (on the internet) spam-scam
projects should wind up netting you as little profit as those of us
who maintain decent, worthwhile mailing lists (on the same net). That
would make me happy. PAT]

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Jason Szep: "My Space Faces Call to Crackdown on Predators"
Go to Previous message: TechNoRati: "Re: Who Has the Best Cell Coverage? It Depends on Where You Are"
May be in reply to: Munir Kotadia ZDNET Australia: "Using Dilution to Fight Phishers"
Next in thread: "Re: Using Dilution to Fight Phishers"
TELECOM Digest: Home Page