[nSLUG] Skimming out the spam harvester opportunities from this mailing list

gnwiii at gmail.com gnwiii at gmail.com
Sun Jan 29 12:52:28 AST 2006

On 1/29/06, Donald Teed <donald.teed at gmail.com> wrote:
> Hi,
> Today I received an email from "nslug <nslug at nslug.ns.ca>"
> at the older address that I used to subscribe to this list.
> Of course it is a virus, but I became curious how it could
> find my other email address associated with this.  Google
> search showed that there are pages such as this:
> http://www.nslug.ns.ca/pipermail/nslug/2002-December.txt
> It looks like the "In-Reply-To:" lines are sometimes a
> source of email addresses.

I think email addresses are harvested from VISTA (VIrus, Spyware,
Trojan, and Ad-ware)
infested systems.  The harvester looks for all strings that resemble
email addresses in
files on infested machines, so once an address is saved to disk on a
VISTA susceptible machine, it is very likely to be used for virus or
spam emails.

> This part of the email header does not appear in the
> Threaded and other views - only in the archived digest view.
> I'm not aware of any value the In-Reply-To has in the
> digest, and so I suggest there be a way to purge those
> lines from the file that is published.
> Of course if the spam harvesters are now able to pull together
> email addresses from all of those "at" substitutes, then I
> guess the effort is fruitless.

These days you also need to worry about whether someone could use
information spread around the internet to build a profile that could
be used against you.  Currently high-income individuals are being
targeted, but if you win the lottery you too could become a subject of
interest.  Vendors can use information such as usenet and mail posts
to have individuals who happen to be members of organizations that
promote open tools being disqualified from standards setting and
purchasing decisions.

George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia


More information about the nSLUG mailing list