What does it take to be a successful spammer in 2012? Access to a botnet, managed spamming appliance, spam templates that are capable of bypassing spam filters, and most importantly freshly harvested databases of valid emails from multiple email providers.
Let’s profile a web-based service currently selling millions of harvested emails to potential spammers, and find out just how easy it is to purchase that kind of data within the cybercrime ecosystem.
Like every successful marketer, spammers too, know the basics of market segmentation, and market localization. From vendors of localization on demand services, offering spammers to ability to translate their messages to the native languages of their prospective recipients, to vendors of segmented email databases, in 2012 spamming is easy to outsource and manage as a service.
The web-service I’m going to profile is called Baza-Inform. Basically, it offers potential spammers segmented databases of harvested emails.
Currently, the service has the following inventory of emails:
- mail.ru, bk.ru, list.ru, inbox.ru – 15 970 807
- ya.ru, yandex.ru, narod.ru – 3 091 994
- rambler.ru, lenta.ru, ro1.ru – 1 636 720
- qip.ru, pochta.ru, fromru.com – 1 944 490
- nextmail.ru – 185 987
- gmail.com, googlemail.com – 8 888 053
- yahoo.com, yahoo.us – 36 267 998
- hotmail.com – 28 829 391
- aol.com – 22 356 273
- gmx.com, gmx.de – 12 465 024
Just how easy is it to harvest emails? Like in every other market segment within the cybercrime ecosystem, spammers are quick to adapt to emerging trends aiming to prevent the automatic harvesting of emails. In 2008, I came across an email harvester that’s capable of harvesting emails in the following formats:
mail@mail.com
mail[at]mail.com
mail[at]mail[dot]com
mail [space]mail [space]com
mail(@)mail.com
mail(a)mail.com
mail AT mail DOT com
Moreover, in 2009 it became evident that spammers are directly harvesting emails from Twitter users who share their email details over the micro-blogging service. Clearly, such lists are fairly easy to compile, given the active harvesting on behalf of the spammers. In terms of quality assurance, prospective buyers cannot verify the validity of the database until they purchase it. Once they purchase it, they will use tools such as the High Speed Verifier to verify their validity automatically.
Monitoring of the service is ongoing. Details will be published as soon as they update their underground market proposition.
You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.
Email Spider is a fast multi-threaded application that “scrapes” email addresses from given URL ’s. You can import both emails and link allowing you to remove duplicates if need be. Crawl a little or crawl a lot at once, it’s up to you!
After reading your blog comments my heart stopped because I have setup so many different accounts – Hotmail – Gmail – Yahoo – tons on ADMIN accounts and such…I really didn’t know it was so easy to harvest emails for power folk like you…Now I am determined to tighten up my ship and be more careful…I’m starting to get more and more spam emails all the time and appreciate your help in doing so…At least I’m more aware of what’s going on behind the scenes…I can’t be such an idiot about this Internet stuff anymore…There are people out there that are going after me…Thanks again for your help and information…I’ll get better going forward with protecting myself and knowing what’ really going on out there in the world you speak of! 🙂