New DIY email harvester released in the wild


In order for cybercriminals to launch spam, phishing and targeted attacks, they first have to obtain access to a “touch point”, in this case your valid email address, IM screen name, or social networking account.

Throughout the years, they’ve been experimenting with multiple techniques to obtain usernames (YouTube user names, IM screen names, Hotmail email addresses) and valid email addresses from unsuspecting end and corporate users.

In this post we’ll profile a recently released Russian DIY email harvester, and emphasize the difference between novice and experienced cybercriminals in the context of the tactics and techniques they use to obtain a potential victim’s email address.

More details:

Screenshots of the Email harvester in action:

As you can see in the attached screenshots, the program works by parsing email addresses available on a particular web site. It doesn’t automatically crawl other pages parked on the same domain. Instead, the page to be parsed has to be a static one. The program, currently advertised at cybercrime-friendly web forums, doesn’t necessarily represent an immediate threat to Internet users, thanks to its simplistic nature.

Last month, Webroot profiled an underground web service that continues selling millions of already harvested email addresses, next to another service selling exclusive access to U.S. Government and U.S. Military email addresses for potential use in targeted, segmented attacks, also known as advanced persistent threats.

The primitive web page parsing technique used in this email harvester cannot be compared to the data mining of malware-infected hosts for valid emails, or to actually harvesting them in real time by using Twitter. These increasingly popular email harvesting techniques continue being used by cybercriminals across the globe in order to ensure that they can successfully reach their prospective victims at any time.

Webroot advises users to be extra cautious when sharing their email on a publicly accessible Web server, as spammers are constantly crawling these in order to obtain fresh and valid email addresses.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.

