Application security, Security Strategy, Plan, Budget

Study: Spammers employ alphabetic techniques

A University of Cambridge computer scientist, in a study of 500 million junk messages, has noticed a wide discrepancy in the amount of junk that different email addresses received, and that it seemed to hinge on their initial address letters.

Of those email addresses starting with an “A,” “M” or “S,”  40 percent got spam, while those beginning with a “Q” or “Z” got about 20 percent, the study's author, Richard Clayton, found.

Clayton also learned that the difference could be because of the way spammers generate email addresses to target. In his report, he said that spammers often carry out so-called “dictionary” attacks, in which they use the part of a live email address in front of the “@” symbol that they know is live, and add that to other internet domain names to generate a new address.

Thus, spammers who know that there is a real person attached to john[at]example[dot]com may try sending to john[at]another[dot]com to see whether that reaches a live account.

The research, Clayton said, has raised some anomalies that needed further research. For instance, he said, addresses starting with the letter “U” appear to get more than 50 percent spam despite there being relatively few of such addresses.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.