Spammers harvesting emails from Twitter - in real time

Summary:Spammers are no strangers to the ever-growing Twitter. From commercial Twitter spamming tools, to re-tweeting trending topics for delivering their message, a new crafty search technique can provide spammers with fresh and valid emails harvested from Twitter's users in real-time.

Spammers are no strangers to the ever-growing Twitter. From commercial Twitter spamming tools, to re-tweeting trending topics for delivering their message, a new crafty search technique can provide spammers with fresh and valid emails harvested from Twitter's users in real-time.

Basically, the search query consists of common phrases such as "email me at" and "contact me at" in a combination with a domain of a spammer's choice.

The result? A flood of valid and fresh email addresses of Twitter users unaware that their emails will not only get indexed by public search engines, but also, that the output can be syndicated for spamming purposes.

From theory into practice - a day after the tactic was discussed a proof of concept script was released, even though it should be logical to assume that the practice has been taking place for a while now.

Email harvesting has been around since the early days of the Internet, and has therefore greatly evolved throughout the years. From the JS.Yamanner@m worm spreading through a Yahoo Mail flaw in 2006, harvesting @yahoo.com emails from the infected indoxes in order to further propagate, the email harvesting scripts crawling the web and their modern versions, to the Web 2.0 spammer's mentality of harvesting instant messaging and social networking user names - their database usually ends up as value-added service in a managed spam vendor's proposition.

In Twitter's case, their TOS states that:

  • You are solely responsible for your conduct and any data, text, information, screen names, graphics, photos, profiles, audio and video clips, links ("Content") that you submit, post, and display on the Twitter.com service

And whereas that should be the case, what Twitter can do to at least slow down this efficient email harvesting approach, is to either allow its users to choose whether or not they would like to have their emails/phone numbers obfuscated (reCAPTCHA Mailhide), or enforce the policy to all users.

Topics: Collaboration, Security, Social Enterprise

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.