22 Feb
Posted by Abdul Aziz as Security, Uncategorized
Have you ever wondered how that spammer/scammer in Nigeria, the one asking you to send your bank details so that he can share his unaccounted wealth with you, got your email address?
I take special care when giving out my email address to anyone. I give my email only to legitimate established websites or friends. I also maintain a separate email id for suspicious websites. So how come they got my email?
I have an invisible tracker to track referrers and visitors to my website. Today, in my referrer’s list I saw an entry of particular interest:
And the entry page was http://thinkabdul.com/index.php?tag=gmail which contains the terms @hotmail.com, @yahoo.com and gmail.com. The search results also show up a lot of other email addresses.
I wondered why anyone would search for a term like that. The visitor’s information showed:
Visitor Information: 213.181.81.253 (BROADBANDTECH) [Label Visitor]
Location: -, -, NIGERIA
Last Visit Time: February 21, 2006 11:11:15 PM
The word NIGERIA struck me instantly. I went to Whois Source and searched for 213.181.81.253. The results showed this:
Blacklist Status: Listed - Cached Today (details)
Cached Whois: Cached today
Whois History: 2 records stored
Oldest: 2006-01-12
Newest: 2006-02-21
Record Type: IP Address
IP Location: Nigeria - Broadbandtech
This proved that this IP address was blacklisted for spamming. On clicking details, it also showed the various sources from which the blacklist information for that IP was available:
Date | Data Source | Answer | Information
2006-02-21 | DNSBL.SORBS.NET | 127.0.0.* | SPAM http://www.dnsbl.us.sorbs.net/lookup.shtml
2006-02-21 | L1.SPEWS.DNSBL.SORBS.NET | 127.0.0.2 | ! [1] misc16, see http://spews.org/ask.cgi?S703
2006-01-12 | DNSBL.SORBS.NET | 127.0.0.* | SPAM http://www.dnsbl.us.sorbs.net/lookup.shtml
2006-01-12 | L1.SPEWS.DNSBL.SORBS.NET | 127.0.0.2 | ! [1] misc16, see http://spews.org/ask.cgi?S703
So these guys basically search for popular first and last names along with the domain names of popular free email services and then harvest email addresses from the results. And if you look at the search results, you will realize the wealth of email addresses available.
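The manual check described above can be automated on the site owner's side. This is an added example, not part of the original post: it scans referrer entries for search phrases that name several webmail domains and builds the DNSBL lookup name (reversed octets plus zone) for the visiting IP. The referrer URLs, the search.example host, the query-string keys and the function names are assumptions made for this example.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

# Webmail domains to watch for, taken from the terms named in the post.
MAIL_DOMAINS = ("hotmail.com", "yahoo.com", "gmail.com")
# Assumption: query-string keys that commonly carry the search phrase.
QUERY_KEYS = ("q", "p", "query")


def harvest_terms(referrer):
    """Return the watched mail domains that appear in a referrer's search phrase."""
    params = parse_qs(urlsplit(referrer).query)  # decodes %40 -> @ and + -> space
    phrase = " ".join(v for k in QUERY_KEYS for v in params.get(k, [])).lower()
    return [d for d in MAIL_DOMAINS if d in phrase]


def dnsbl_query_name(ip, zone="dnsbl.sorbs.net"):
    """Build the DNSBL lookup name: reversed IPv4 octets followed by the zone.
    Raises ValueError if ip is not a valid IPv4 address."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def flag_visits(visits, min_domains=2):
    """Return (ip, matched domains, DNSBL name) for visits whose search phrase
    names at least min_domains webmail domains."""
    flagged = []
    for ip, referrer in visits:
        hits = harvest_terms(referrer)
        if len(hits) >= min_domains:
            flagged.append((ip, hits, dnsbl_query_name(ip)))
    return flagged


# Constructed sample data: (visitor IP, referrer URL). The first IP is the one
# from the post; its referrer string is invented, since the post does not show it.
SAMPLE_VISITS = [
    ("213.181.81.253",
     "http://search.example/search?q=john+smith+%40hotmail.com+%40yahoo.com+gmail.com"),
    ("192.0.2.10", "http://search.example/search?q=gmail+invite+tips"),
    ("198.51.100.7", "http://blog.example/links.html"),
]

if __name__ == "__main__":
    for ip, hits, name in flag_visits(SAMPLE_VISITS):
        print(ip, hits, "-> resolve the A record for", name)
```

An answer in 127.0.0.0/8 for the generated name means the address is listed, which is the form of the answers in the table above; no answer means it is not listed.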