Common usernames get more spam
Mike Crawshaw
Zero Spam. #
Posted Friday 29th August 2008 12:42 GMT
by having a long e-mail address which is punctuated with underscores. Each of the words is in the dictionary, but together they make an easily-remembered phrase.
e.g. (7-letter word)_(2-letter word)_(3-letter word)_(4-letter word)@somewhere.com
I get nada that ain't invited, and I can't believe it's down to wonderful filters.(It's Hotmail ferkrissakes....!)
NOTE TO REG STAFFERS WHO CAN SEE IT: THIS IS NOT AN INVITATION TO GIVE MY ADDRESS TO THE LADS FROM LAGOS!!!
Anonymous Coward
Yet another... #
Posted Friday 29th August 2008 12:48 GMT
... state the bloomin' obvious research paper.
Who would've thought that spammers could guess "john.smith@gmail.com" alot more easily than guessing "lucifer_von_beauforte_iii@gmail.com".
Andy
It's amazing - #
Posted Friday 29th August 2008 13:28 GMT
If you don't use your email address for anything, you won't get spam. I have two addresses that I've not given out to more than a couple of friends, in person, and they've never received spam; they're easily-guessed addresses, too. I also discovered that simply using more HTML entities in one address I had publicly posted cut my spam by about 80-90%. Being careful about where you enter an email address (and preferably using a spam-catcher address for anything you have to sign up to on the internet, which has very strict filtering) really does work.
Oh, and by the way - Gmail has the best spam filtering I've come across in a free service. In several years I've only had 2 false positives, and as far as I can remember no spam has got through.
lansalot
err.. #
Posted Friday 29th August 2008 13:28 GMT
isn't it more likely that your ISP or mail server spots the influx of spam more readily as it moves through the alphabet/spam-run and closes the hole accordingly ?
One email to "albert" from a certain IP is less likely to raise an eyebrow than 10 similar ones to "albert", "betty", "charlie" etc...
Simple heuristics, no ?
steogede
crossword #
Posted Friday 29th August 2008 13:28 GMT
>> (7-letter word)_(2-letter word)_(3-letter word)_(4-letter word)@somewhere.com
>>
>> I get nada that ain't invited, and I can't believe it's down to wonderful filters.(It's Hotmail
>> ferkrissakes....!)
Hmmm, let me think... Is it 'hotmail_is_the_dogs@hotmail.com'?
Anonymous Coward
@Mike Crawshaw #
Posted Friday 29th August 2008 13:28 GMT
OHHHH hangman time, ideal sport on a friday afternoon:
(7-letter word)_(2-letter word)_(3-letter word)_(4-letter word)
I will guess at:
SCRUBER_IN_THE_BATH
Chris W
Re: Zero Spam #
Posted Friday 29th August 2008 13:29 GMT
It's not that simple. If anyone you sent mail to automatically adds email address to their address book and they get scanned you can look forward to recieving loads of really nice offers.
Ian Ferguson
Not convinced by this research #
Posted Friday 29th August 2008 13:29 GMT
Shurely it's more to do with the commonness of the actual name, not the first letter? In the article it is argued that addresses beginning with P and M get more spam, because they are common letters for names to begin with. I would have thought it's the other way round - addresses with common names in get more spam, and addresses beginning with P and M get more spam as they are more likely to include a common name?
Mike Groombridge
my solution #
Posted Friday 29th August 2008 13:29 GMT
i just created an email address for things i sign up to and it all goes there log in to it once in awhile to keep it live but that's about it i'm relativly spam free get one or two but they go to the junk mail folder so i'm good
Anonymous Coward
Bears and woods? #
Posted Friday 29th August 2008 14:23 GMT
Surely this was common sense? Apart from email address I don't care much about, picking up junk and noddy forums, my important email addresses for online purchases and friends are a convoluted mess of letters and numbers, as most spammers are bl**dy lazy and you can see the spam headers showing you alphabetical hits and dictionary based name generation.
bluesxman
RE: Zero Spam. #
Posted Friday 29th August 2008 14:23 GMT
Presumptuously assuming that everyone else has a Futurama fixation...
"Bending_in_the_Wind" ?
Andy
P-p-p #
Posted Friday 29th August 2008 14:52 GMT
Postmaster begins with P. That must be why it gets so much spam.
-A.
Anonymous Coward
@ AC #
Posted Friday 29th August 2008 14:52 GMT
"Who would've thought that spammers could guess "john.smith@gmail.com" alot more easily than guessing "lucifer_von_beauforte_iii@gmail.com"."
Thanks a lot. Now that you've published my email address I can expect a load of spam. Thanks.
Lucifer Von Beauforte III
Peyton
Hmmm... not sure I get it #
Posted Friday 29th August 2008 14:52 GMT
Does it really do any good to go after all the, say, 'P'eytons... it's not a common name. I think the researchers are oversimplifying, and are ignoring the viral aspect of spam, and the fact that spammers are often pretty smart. A more likely scenario would be if I have a common name, it's more likely to appear in someone's address book - and from there it's likely that it will get a dictionary of domains appended to it in brute force style spam (I've seen this happen when I was an email admin in a former life ;) Plus, that way you don't miss out on all the popular non-names... so if wow_druid@aol.com gets pulled from a compromised address book, wow_druid@gmail.com, wow_druid@hotmail.com, etc., will be tried and not overlooked.
Jolyon Ralph
@mike #
Posted Friday 29th August 2008 15:37 GMT
lobster_in_our_bath@hotmail.com
Am I close? Can anyone get closer? :)
Anonymous Coward
Tee Hee #
Posted Friday 29th August 2008 15:37 GMT
Just the thought that the spiders are scanning this article and harvesting everything with an @ symbol and adding it to the lists is making me chuckle.
The more dodgy addresses that get into the spam lists the better as far as I'm concerned. Just as long as president@whitehouse.gov and gbrown@gov.uk are there as well :o)
Nick
Well blow me down with a feather! #
Posted Friday 29th August 2008 15:37 GMT
When hotmail.co.uk started I jumped in quick and picked up a couple of addresses which are my name. They pick up quite a few bits of spam even though I never got round to actually using them. Initials are just as popular.
Occasionally I take a peek to see what the spam-du-jour is and I noticed that the other thing that happens is that people randomly use that address when registering things or filling out forms. I sometimes reply if a real person then gets in touch, one of whom worked at a golf club and couldn't get his head around the fact that I was the wrong person.
I own a couple of spare domains so now everyone gets their own personalized version of my email address which is of the form:
prefix.theirname.randomnumber@mydomain.com
Anything without "prefix." at the start gets "User unknown" which stops most spambots forging random From: addresses at the domain.
If I do get spam then I know who to blame and I can block that address whilst only affecting one person.
The random number removes the guessability factor if you know the prefix.
Mike Crawshaw
@ Lots #
Posted Friday 29th August 2008 15:52 GMT
You're all hideously wrong! Never mind, some of them were quite entertaining - especially the Futurama ref. I think some of you guys need to get yourselves on Countdown!
@ chrisw: I've had the address for years now, I guess people don't auto-add me to their books, or that they haven't been scanned - at least I haven't received spam as a result, either way. Maybe the spam lists can't handle the addy length? (19 chars before the @)
@ steogede: I could compare Hotmail to a lot of parts of a dog's anatomy, but none of 'em are complimentary.... I mainly use it for legacy reasons (had it for the best part of a decade, before GMail etc) and it's the address I use for a lot of forums etc - I'm just too lazy to change them all!
Anonymous Coward
BoxTrapper #
Posted Friday 29th August 2008 15:52 GMT
I tend to use my Hotmail account for registering with websites, then on my proper email account I use BoxTrapper, so unless I've added you as a friend, or new people have replied to the validation email. No Spam gets through my Inbox has remained spam free for the last few years.
Anonymous Coward
Aardvark #
Posted Friday 29th August 2008 15:52 GMT
Anyone else here always use Aaron Aardvark as their system test user?
Anonymous Coward
Gmail #
Posted Friday 29th August 2008 15:54 GMT
Gmail catches pretty much all the spam I get - plus all the forum post notifications / facebook spam / anything else I can't be arsed turning off on the actual site...
I also use the username+website@gmail.com thing so if I do actually get any spam I can see exactly who sold my address on and double check their privacy policy before setting the dogs of war loose on them :)
Anonymous Coward
WTF @ Demon #
Posted Friday 29th August 2008 16:26 GMT
More importantly WTF are Demon Internet playing at handing out details of e-mails to third parties? Surely this is breach of data protection
Jean-Francois Laforest
Barracuda Spam Firewall #
Posted Friday 29th August 2008 19:41 GMT
Screw gmail, get yourself a barracuda in front of your mail cluster and you're good to go, virus / spam free.
We cut off about 96% of our mail traffic just by installing one... heck my mail server is sleeping.
Other solutions work, yet, having more complex names isn't even remotely useful in the near future, they'll just adapt.
Dr Patrick J R Harkin
So xqqjkl@zjjqxlbxx.com won't get any spam? #
Posted Monday 1st September 2008 09:13 GMT
Anonymous Coward
Re: Barracuda Spam Firewall #
Posted Monday 1st September 2008 17:55 GMT
You might end up with less spam - but I just wish they didn't bother bouncing spam that the SPF record fails (i.e. you bouncing a spam I never f**king sent)
john kent
Too Late.......... #
Posted Thursday 4th September 2008 23:57 GMT
Guess it's too late to change my name. For now I'll just have to use a spam guard like SpamBully to keep myself from drowning in this stuff!
Back to the article
