[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 21 April, 2005, 09:07 GMT 10:07 UK
File-sharers facing spam attacks
By Mark Ward
Technology Correspondent, BBC News website

Screengrab of e-mail files available on peer-to-peer networks, Blue Security
Many people are accidentally sharing sensitive information
Research has revealed that peer-to-peer (P2P) networks are proving a lucrative hunting ground for spammers.

Start-up Blue Security has found that junk mailers are actively harvesting and spamming e-mail addresses they find on file-sharing networks.

The address books they are exploiting are inadvertently being shared on the peer-to-peer networks by novice users.

The company warns that addresses stolen this way could be used to avoid filters set up to stop spam getting through.

Lurking danger

File-sharing networks such as Kazaa, Edonkey and Gnutella are proving very popular with folk keen to share their music and movie collections.

But Blue Security has found that they are proving very popular with spammers because they are a great source of live e-mail addresses and contact lists.

Eran Reshef, founder and chief executive of Blue Security, said spammers' liking for P2P was brought to light by research staff looking at the ways junk mail reaches users.

Blue Security is working on a Do-Not-Disturb registry for e-mail that would work in a similar way to the Do-Not-Call registries for phone owners.

Mr Reshef said many na´ve users of file-sharing systems had set their PCs to share almost any file on their hard drive which let anyone else on the network get at it.

It's not like a virus where you can do something to protect yourself, it's about someone else exposing your e-mail address
Eran Reshef, Blue Security
"Spammers are sitting on P2P networks and basically lurking there waiting for novice users to accidentally share their addresses," said Mr Reshef.

Spammers are using the search tools built in to file-sharing systems to find archive files of popular e-mail programs such as Outlook or simply files that contain mail addresses.

"It's not a special technology or anything else," said Mr Reshef, "its just a clever use of the existing tools."

Some of the address books that can be found in file-sharing networks were huge, said Mr Reshef, suggesting that they contain all the addresses to which users have ever sent messages.

"It could contain your entire life," said Mr Reshef. "The fact that people are sharing this is quite amazing."

Anyone trawling peer-to-peer systems for the archive files or documents containing addresses could quite easily harvest tens of thousands of active e-mail addresses, said Mr Reshef.

Examples of address books found by Blue Security on P2P systems include a list of professors at a university, an address list of pro-gay marriage supporters and an internet store's complete customer list.

Test case

To see if spammers had noticed that address books were available, Blue Security created 500 fake accounts that shared address books via the Gnutella and edonkey networks.

Blank CD being put in drive, BBC
It's not just music and movies being shared on P2P systems
Within three days all the files containing addresses had been downloaded, on average, 25 times each. More than 700 spam e-mail messages had also been sent to the addresses listed in the files.

Mr Reshef said the spam came from many different sources suggesting that the addresses had been traded among spam groups.

What is especially useful about e-mail addresses harvested in this way, said Mr Reshef, was the contextual information that archive files provide.

Using this spammers could work out who knows whom and fake who an e-mail is coming from to make it look legitimate. In this way, said Mr Reshef, spammers could defeat block lists.

"They could make spam look like it's coming from a friend so the white lists treat it as a safe sender," he said.

While users can change settings to stop sharing e-mail archive files this may not be enough to protect them.

"It's not like a virus where you can do something to protect yourself," said Mr Reshef, "it's about someone else exposing your e-mail address."


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific