Directory Harvest Attacks Still Rising is reporting that last month was a great time to be a solid corporate email security provider, and a bad time to be a network administrator. In Directory Harvest attacks soar, it is noted that Postini, a provider of email security resources for companies, recorded the five worst days in tracking history, during the month of February. This data may lack certain statistical validity, as Postini doesn’t serve every email system on the planet, but it is interesting.

For those not in the know, a directory harvest attack is a process spammers use to gather valid email addresses. Spammers fire random (although sometimes ordered) email messages at corporate servers, then checking to see which get bounced back as invalid. Those messages that don’t usually indicate a valid address.

Now why a spammer would want to waste so much time at this is beyond me. Corporate servers may accept an valid message, but it is likely that the next intrusion, disquised as an Ephedra or organ enlargement offer, will get killed by the company’s spam detection implementation. Furthermore, people get lots of email at work, and it is usually work related (management hopes). A spam would be much more easily identifiable mixed with work related emails than personal ones. And the point of spam is to separate the reader from their money, somehow.

Sounds like spammers, hit with new roadblocks everywhere they turn, are starting to get more than a little desperate. Meanwhile, the more this happens, the better Postini looks (and good for them). But I still feel sorry for all the network admins, constantly having to reboot servers after floods of attacks.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.