Hotmail: A Spammer's Paradise?
If so many spam offers weren't totally bogus, Hotmail users would be incredibly well-endowed, slim people with plenty of hair who make big money working at home when they aren't having great sex provoked by free porn and herbal Viagra.
Many users of the free e-mail service offered by Microsoft's MSN.com say that within a day of creating a new Hotmail account the spam starts flowing in, almost as if spammers have sunk a tap directly into Hotmail's user database and are slurping up a free-flowing torrent of e-mail addresses.
And according to Steve Linford, of the anti-spam Spamhaus Project, that's almost exactly what's happening.
Spamhaus has proof that at least one spammer has been conducting a massive dictionary attack against the mail servers of both Hotmail.com and MSN.com, at the rate of three to four tries per second, 24 hours a day, continuously for the last five months.
A dictionary attack utilizes software that opens a connection to the target mail server and then rapidly submits millions of random e-mail addresses. Many of these addresses have slight variations, such as "firstname.lastname@example.org" and "email@example.com." The software then records which addresses are "live" and adds the addresses to the spammers list. These lists are typically resold to many other spammers.
Dictionary attacks are not new, and many e-mail servers are protected against them, but Hotmail and MSN servers are not.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.