[PSA] Joost sells email addresses
Michael Brian Bentley
bentley at crenelle.com
Mon Mar 5 11:28:37 PST 2007
>I don't think you can be certain that Joost sold your address. The
>spam could have been the result of Directory Harvest.
>
>http://en.wikipedia.org/wiki/Directory_Harvest_Attack
>
> M
I think this is still an attack based on the use of a dictionary of
likely or possible address names. If you use an unlikely name,
something that otherwise looks like an arcane password, such as
M2rg4tr0yd_ (at)Ivorytower(dot)com, the dictionary is unlikely to
contain that name--unless the name slips into spammer consciousness
by using it in the open on Usenet, or by sending it to a company that
claims to not sell contact information... making the name as arcane
as possible for use in one specific, private situation is going to
make it difficult to describe how a spammer got hold of it by any way
other than the recipient selling it.
Because some enterprising Joost employee may be taking liberties with
incoming addresses in a fashion counter to expressed Joost policy,
I'd try to contact Joost and complain about it. The beauty of
one-shot names is that they can be turned off instantly.
-Mike
More information about the MacOSX-talk
mailing list