Author: H.User1325 (13 Mar 12 10:12am)
check http://www.projecthoneypot.org/faq.php for an answer.
A dictionary attacker is a spammer that uses a "dictionary" of common email names to try to guess an email address to send their spam to. For example, how many companies have an email address like INFO{at}mybusiness[dot]com? Many domains also have email addresses for postmaster{at} or webmaster{at} or newsletter{at}.
So with a list of domain names and a dictionary of common email names the spammer generates (makes up) a bunch of addresses to spam, just to see if they get any responses. With a dictionary of say 100 names (part before the @) and 1,000 domain names (the part after the @) they quickly generate and send 100,000 spam:
info{at}domain1.com, info{at}domain2.com... webmaster{at}domain1.com, webmaster{at}domain2.com...
Back in the dark ages I got LOTS of spam sent to webmaster and postmaster. Still do but not so much. I always have thought this was really dumb. Who would you thank would be the most internet savvy and not bit on spam? webmasters and postmasters. But then no one ever accused a spammer of being smart. Besides there is no evidence that spammers scrub their list. It cost them almost nothing to send an email and if one in a thousand respond that is good - well good for them. Remember it is a volume business: if you send (just) a 100K spam a day and make $10 on each response, they only need 0.1% of the spam to get answered to make $1,000 a day. Based on reports 100K spam is a small operation.
|