Research: Spammers actively harvesting emails from Twitter in real-time

Research: Spammers actively harvesting emails from Twitter in real-time

Summary: Security researchers from WebSense, have conducted an experiment, proving that Twitter is still a heaven for spammers looking to harvest freshly shared email addresses.

SHARE:

Security researchers from WebSense, have conducted an experiment, proving that Twitter is still a heaven for spammers looking to harvest freshly shared email addresses.

More details on the experiment:

We conducted research on how data that might be considered private is exposed via Twitter. The research focused on shared data, in particular email addresses, that can potentially be used against the one (or the organization) that shared it. During the research we monitored Twitter over a 24 hour period and found that users were publicly sharing email addresses connected with their inboxes, social media identities, and bank accounts. This leaves them open to advanced ‘social spear phishing’ attacks and spam campaigns.

Our research found that thousands of Email addresses are publicly shared daily via Twitter.  More than 11,000 email addresses were shared worldwide.

This isn't the first time that a vendor is aiming to raise awareness on the fact, users sharing their emails publicly, can become targets of successfully crafted spear phishing campaigns.

I little experiment I conducted back in 2009, also provided similar results. Basically, what I did was to measure the trending of words such as "email me at"; or "contact me at". The results? Thousands of freshly shared emails ready to be harvested by spammers in real-time.

Twitter email harvesters have been in the wild for years, it's time for Twitter's users to wake up and realize that the spammers are monitoring Twitter's global feed, and are successfully harvesting their email addresses.

Topics: Social Enterprise, Collaboration, Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Yawn!

    Yawn! Tell us something new like whos getting arrested for spamming. Or maybe are new laws being considered.
    Stan57
  • RE: Research: Spammers actively harvesting emails from Twitter in real-time

    Sadly, the people that need to know this information have no idea what e-mail harvesting means or why it's important. All they care about is Twitter spitting out the latest Kardashian Blather or which members of the Jersey Shore gang are having sex with which other members this week
    bclomptwihm