Almost everyone is aware of the nuisance caused by spam email. When we get to work in the morning, we have to delete a bunch of useless messages from our Inbox before we can start the day. When we get home, we have to do the same thing before getting around to reading messages from friends and family. Do you ever wonder how these spammers came by our email addresses in the first place?
There are several ways for spammers to gather email addresses to send their messages to. One of the oldest techniques involves sending a “bot” to crawl around on different Web sites, Usenet groups, and other similar Internet resources searching for email addresses. While this method works, it is time-consuming and prone to gathering addresses that are outdated and no longer in use. Another popular method involves generating email addresses using a technique called brute forcing. This method tries sending spam to addresses composed of every possible combination of letters and numbers (for example, email@example.com, firstname.lastname@example.org, email@example.com, etc.). Again, this method produces many invalid addresses and wastes the poor spammer’s time and resources.
So, what’s a spammer to do? Earlier this week, a worm called JS.Yamanner@m propagated through the Yahoo! Mail Web mail service. Details of JS.Yamanner@m have already been discussed at length, but one significant action of the worm has been somewhat overlooked. When the worm runs, it uploads the list of email addresses in the affected user’s address book to a Web site. The most likely reason for this upload is so that the addresses can be added to databases used by spammers and phishers. Because the addresses come from an active user account, the majority of them are more likely to be valid and current, which increases their value.
While this is not the first piece of malicious code to gather email addresses, it does demonstrate that this is an ongoing concern. As spam becomes more profitable, the spammers are, in turn, becoming more sophisticated because, after all, time is money.