By Mark Ward
Technology Correspondent, BBC News website
Research has revealed that peer-to-peer (P2P) networks are proving a lucrative hunting ground for spammers.
Start-up Blue Security has found that junk mailers are actively harvesting and spamming e-mail addresses they find on file-sharing networks.
The address books they are exploiting are inadvertently being shared on the peer-to-peer networks by novice users.
The company warns that addresses stolen this way could be used to avoid filters set up to stop spam getting through.
File-sharing networks such as Kazaa, eDonkey and Gnutella are proving very popular with folk keen to share their music and movie collections.
But Blue Security has found that they are proving very popular with spammers because they are a great source of live e-mail addresses and contact lists.
Eran Reshef, founder and chief executive of Blue Security, said spammers' liking for P2P was brought to light by research staff looking at the ways junk mail reaches users.
Blue Security is working on a Do-Not-Disturb registry for e-mail that would work in a similar way to the Do-Not-Call registries for phone owners.
Mr Reshef said many naïve users of file-sharing systems had set their PCs to share almost any file on their hard drive, letting anyone else on the network get at it.
"Spammers are sitting on P2P networks and basically lurking there waiting for novice users to accidentally share their addresses," said Mr Reshef.
Spammers are using the search tools built in to file-sharing systems to find archive files of popular e-mail programs such as Outlook or simply files that contain mail addresses.
"It's not a special technology or anything else," said Mr Reshef, "it's just a clever use of the existing tools."
Some of the address books that can be found in file-sharing networks were huge, said Mr Reshef, suggesting that they contain all the addresses to which users have ever sent messages.
"It could contain your entire life," said Mr Reshef. "The fact that people are sharing this is quite amazing."
Anyone trawling peer-to-peer systems for the archive files or documents containing addresses could quite easily harvest tens of thousands of active e-mail addresses, said Mr Reshef.
Examples of address books found by Blue Security on P2P systems include a list of professors at a university, an address list of pro-gay marriage supporters and an internet store's complete customer list.
To see if spammers had noticed that address books were available, Blue Security created 500 fake accounts that shared address books via the Gnutella and eDonkey networks.
Within three days all the files containing addresses had been downloaded, on average, 25 times each. More than 700 spam e-mail messages had also been sent to the addresses listed in the files.
Mr Reshef said the spam came from many different sources suggesting that the addresses had been traded among spam groups.
What is especially useful about e-mail addresses harvested in this way, said Mr Reshef, was the contextual information that archive files provide.
Using this, spammers could work out who knows whom and forge the apparent sender of an e-mail to make it look legitimate. In this way, said Mr Reshef, spammers could defeat block lists.
"They could make spam look like it's coming from a friend so the white lists treat it as a safe sender," he said.
While users can change settings to stop sharing e-mail archive files this may not be enough to protect them.
"It's not like a virus where you can do something to protect yourself," said Mr Reshef, "it's about someone else exposing your e-mail address."
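As an added illustration of the one defence the article does offer, checking what a PC is about to share, here is a small Python audit script. It is not code from the article or from Blue Security: it walks a folder destined for a file-sharing client and flags files in common mail-archive or address-book formats (Outlook .pst/.ost, Outlook Express .dbx, Windows Address Book .wab, mbox, .eml) as well as any file holding many distinct e-mail addresses, which is the kind of document the article says spammers search for. The extension list, the address threshold and the sample folder it builds are all assumptions made for the example.

```python
import re
import tempfile
from pathlib import Path

# Assumed list of mail-store / address-book formats worth flagging before sharing.
MAIL_STORE_EXTENSIONS = {".pst", ".ost", ".dbx", ".wab", ".mbox", ".eml"}

# Simple e-mail address pattern, applied to raw bytes so binary files can be scanned too.
EMAIL_RE = re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Assumption: this many distinct addresses in one file looks like a contact list,
# not an incidental mention in a document.
ADDRESS_THRESHOLD = 5


def count_addresses(path, max_bytes=1_000_000):
    """Return the number of distinct e-mail addresses in the first max_bytes of a file."""
    with open(path, "rb") as f:
        data = f.read(max_bytes)
    return len({m.lower() for m in EMAIL_RE.findall(data)})


def audit_share(root):
    """Walk a folder and return (relative_path, [reasons]) for every risky file."""
    root = Path(root)
    findings = []
    for p in root.rglob("*"):
        if not p.is_file():
            continue
        reasons = []
        if p.suffix.lower() in MAIL_STORE_EXTENSIONS:
            reasons.append("mail archive/address book format")
        n = count_addresses(p)
        if n >= ADDRESS_THRESHOLD:
            reasons.append(f"{n} distinct e-mail addresses")
        if reasons:
            findings.append((p.relative_to(root).as_posix(), reasons))
    return sorted(findings)


def build_demo_share(root):
    """Constructed sample: a music folder that also (accidentally) holds mail data."""
    root = Path(root)
    (root / "music").mkdir(parents=True, exist_ok=True)
    (root / "music" / "track01.mp3").write_bytes(b"\x00" * 64)
    # Outlook mail store, flagged by extension alone even though no addresses are readable.
    (root / "Outlook.pst").write_bytes(b"!BDN" + b"\x00" * 60)
    # Exported contact list: many addresses in plain text.
    (root / "contacts.csv").write_text(
        "name,email\n"
        + "\n".join(f"user{i},user{i}@example.com" for i in range(12))
        + "\n"
    )
    # A note mentioning one address: below the threshold, so not flagged.
    (root / "notes.txt").write_text("Call bob@example.com about the invoice.\n")
    return root


def demo():
    """Build the sample folder in a temp dir and audit it; returns the findings list."""
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_share(tmp)
        return audit_share(tmp)


if __name__ == "__main__":
    for rel_path, reasons in demo():
        print(f"{rel_path}: {'; '.join(reasons)}")
```

Run it against the folder a file-sharing client is configured to share; anything it lists should be moved out of that folder (or the share narrowed to the music directory) before the client goes online. The .pst check works purely on the file name, because mail stores are binary and the addresses inside are not always visible to a plain regex.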