Hello,
My question is about ebay scamming.(The email appears to be from ebay
and requests the person to disclose his information).
Even though ebay has disabled emails as login names and does not
disclose a user's email anymore spammers continue to operate.
How do they obtain their emails? Do they target ebay community forums
and other sites where ebay users would go? If so please provide urls.
What kind of extracting/harvesting software do they use?(I know they
use advanced email extractor(www.mailutlities.com/aee) and madweb and
a couple of others but I have been unable to find a single email
extractor for linux that these people can use yet people say there are
many out there..are these custom coded private tools if not please
tell me more about these tools?
How would a person go about making sure that his/her email does not get harvested?
How does one protect his site from email harvesters/extractors?
What other sites are common targets of these scammers and do they have
similar security measures like ebay if not how do they go about
protecting their users?
Fast and detailed answer = big tip :).
Thank you.

---

Request for Question Clarification by pafalafa-ga on 15 Nov 2003 14:19 PST

Hello ploit-ga,

You've asked about a fascinating topic, but I'm afraid there are so
many bits and pieces to your question that it's difficult (for me, at
least) to get my arms around it in order to provide an answer to you.

Your main interest seems to be in protecting your email address from
harvesting.  If that is the case, perhaps you would consider
fine-tuning your question to focus just on that topic -- I think it
would increase the chances of your getting a fast, comprehensive and
useful answer.

Let me and the rest of the GA researchers know how we can best meet your needs.

Thanks.

pafalafa-ga

I am not an eBay user, but I get them as well. My guess is that your
email address has been harvested normally, either from signing up for
something, or from having anywhere on the web.

Obtaining e-mail addresses for use by spammers is a big industry.

It started with e-mail harvesters (robots) visiting web sites gleaning
addresses in mailto links and from web-based Usenet archives
(originally DejaNews).  Check your web site logs to find "visitors"
with agent strings such as EmailSiphon, ExtractorPro, Sonic Email
Collector, EmailWolf and CherryPicker.  These are visiting programs.

With a list of available domains, spammers "guess" e-mail addresses by
sending mail to addresses like david@example.com and
postmaster@example.com.

People also collect e-mail addresses from unprotected lists of
subscribers to mailing lists.  There are standard commands for mailing
list software such as majordomo and Mailman to obtain a list of
subscribers.  Not all list administrators know how to disable this
feature to the public.

Nowadays, there's a lot of effort to validate harvested or guessed
e-mail addresses by mail.  This is done through messages with a
"remove me" link which really just confirms that your address is
active, and with images associated with cookies in a message which,
when the message is displayed, confirms your e-mail address.

I suppose that viruses can also be used to collect e-mail addresses. 
With just a small number of e-mail addresses, a virus can send itself
to other people by looking addresses in the Address Book and then
report back.

To protect a new e-mail address from spam:

1) don't get a Hotmail account (even unused hotmail accounts get spam)
2) don't put your e-mail address in a mailto link on publicly-accessible web pages
3) don't use the address when posting messages to Usenet
4) disable the loading of remote images in your mail and news readers
5) disable cookies in mail and news
6) disable Javascript in mail and news
7) don't provide the address on any forms (unless you believe their privacy policy)
8) don't click on any links in any suspicous mail or in obvious spam
9) don't reply to spam (e.g., to ask to be removed from their list)
10) don't open any mail attachments unless from a trusted source
11) don't use Outlook (it's particularly vulnerable to viruses)


Paola