back to article Common usernames get more spam

The use by spammers of dictionary attacks means those whose email address begins with a less common first character are liable to get less spam. Research by Richard Clayton of Cambridge University was initially reported as establishing that usernames beginning with A are likely to get more spam than those sporting a Z. Those …

COMMENTS

This topic is closed for new posts.
  1. Mike Crawshaw
    Thumb Up

    Zero Spam.

    by having a long e-mail address which is punctuated with underscores. Each of the words is in the dictionary, but together they make an easily-remembered phrase.

    e.g. (7-letter word)_(2-letter word)_(3-letter word)_(4-letter word)@somewhere.com

    I get nada that ain't invited, and I can't believe it's down to wonderful filters.(It's Hotmail ferkrissakes....!)

    NOTE TO REG STAFFERS WHO CAN SEE IT: THIS IS NOT AN INVITATION TO GIVE MY ADDRESS TO THE LADS FROM LAGOS!!!

  2. Anonymous Coward
    Thumb Down

    Yet another...

    ... state the bloomin' obvious research paper.

    Who would've thought that spammers could guess "john.smith@gmail.com" alot more easily than guessing "lucifer_von_beauforte_iii@gmail.com".

  3. Andy

    It's amazing -

    If you don't use your email address for anything, you won't get spam. I have two addresses that I've not given out to more than a couple of friends, in person, and they've never received spam; they're easily-guessed addresses, too. I also discovered that simply using more HTML entities in one address I had publicly posted cut my spam by about 80-90%. Being careful about where you enter an email address (and preferably using a spam-catcher address for anything you have to sign up to on the internet, which has very strict filtering) really does work.

    Oh, and by the way - Gmail has the best spam filtering I've come across in a free service. In several years I've only had 2 false positives, and as far as I can remember no spam has got through.

  4. lansalot

    err..

    isn't it more likely that your ISP or mail server spots the influx of spam more readily as it moves through the alphabet/spam-run and closes the hole accordingly ?

    One email to "albert" from a certain IP is less likely to raise an eyebrow than 10 similar ones to "albert", "betty", "charlie" etc...

    Simple heuristics, no ?

  5. steogede

    crossword

    >> (7-letter word)_(2-letter word)_(3-letter word)_(4-letter word)@somewhere.com

    >>

    >> I get nada that ain't invited, and I can't believe it's down to wonderful filters.(It's Hotmail

    >> ferkrissakes....!)

    Hmmm, let me think... Is it 'hotmail_is_the_dogs@hotmail.com'?

  6. Anonymous Coward
    Happy

    @Mike Crawshaw

    OHHHH hangman time, ideal sport on a friday afternoon:

    (7-letter word)_(2-letter word)_(3-letter word)_(4-letter word)

    I will guess at:

    SCRUBER_IN_THE_BATH

  7. Anonymous Coward
    Anonymous Coward

    Re: Zero Spam

    It's not that simple. If anyone you sent mail to automatically adds email address to their address book and they get scanned you can look forward to recieving loads of really nice offers.

  8. Ian Ferguson
    Thumb Down

    Not convinced by this research

    Shurely it's more to do with the commonness of the actual name, not the first letter? In the article it is argued that addresses beginning with P and M get more spam, because they are common letters for names to begin with. I would have thought it's the other way round - addresses with common names in get more spam, and addresses beginning with P and M get more spam as they are more likely to include a common name?

  9. Mike Groombridge

    my solution

    i just created an email address for things i sign up to and it all goes there log in to it once in awhile to keep it live but that's about it i'm relativly spam free get one or two but they go to the junk mail folder so i'm good

  10. Anonymous Coward
    Alert

    Bears and woods?

    Surely this was common sense? Apart from email address I don't care much about, picking up junk and noddy forums, my important email addresses for online purchases and friends are a convoluted mess of letters and numbers, as most spammers are bl**dy lazy and you can see the spam headers showing you alphabetical hits and dictionary based name generation.

  11. bluesxman
    Coat

    RE: Zero Spam.

    Presumptuously assuming that everyone else has a Futurama fixation...

    "Bending_in_the_Wind" ?

  12. Andy Silver badge

    P-p-p

    Postmaster begins with P. That must be why it gets so much spam.

    -A.

  13. Anonymous Coward
    Anonymous Coward

    @ AC

    "Who would've thought that spammers could guess "john.smith@gmail.com" alot more easily than guessing "lucifer_von_beauforte_iii@gmail.com"."

    Thanks a lot. Now that you've published my email address I can expect a load of spam. Thanks.

    Lucifer Von Beauforte III

  14. Peyton
    Paris Hilton

    Hmmm... not sure I get it

    Does it really do any good to go after all the, say, 'P'eytons... it's not a common name. I think the researchers are oversimplifying, and are ignoring the viral aspect of spam, and the fact that spammers are often pretty smart. A more likely scenario would be if I have a common name, it's more likely to appear in someone's address book - and from there it's likely that it will get a dictionary of domains appended to it in brute force style spam (I've seen this happen when I was an email admin in a former life ;) Plus, that way you don't miss out on all the popular non-names... so if wow_druid@aol.com gets pulled from a compromised address book, wow_druid@gmail.com, wow_druid@hotmail.com, etc., will be tried and not overlooked.

  15. Jolyon Ralph
    Thumb Up

    @mike

    lobster_in_our_bath@hotmail.com

    Am I close? Can anyone get closer? :)

  16. Anonymous Coward
    Anonymous Coward

    Tee Hee

    Just the thought that the spiders are scanning this article and harvesting everything with an @ symbol and adding it to the lists is making me chuckle.

    The more dodgy addresses that get into the spam lists the better as far as I'm concerned. Just as long as president@whitehouse.gov and gbrown@gov.uk are there as well :o)

  17. Nick

    Well blow me down with a feather!

    When hotmail.co.uk started I jumped in quick and picked up a couple of addresses which are my name. They pick up quite a few bits of spam even though I never got round to actually using them. Initials are just as popular.

    Occasionally I take a peek to see what the spam-du-jour is and I noticed that the other thing that happens is that people randomly use that address when registering things or filling out forms. I sometimes reply if a real person then gets in touch, one of whom worked at a golf club and couldn't get his head around the fact that I was the wrong person.

    I own a couple of spare domains so now everyone gets their own personalized version of my email address which is of the form:

    prefix.theirname.randomnumber@mydomain.com

    Anything without "prefix." at the start gets "User unknown" which stops most spambots forging random From: addresses at the domain.

    If I do get spam then I know who to blame and I can block that address whilst only affecting one person.

    The random number removes the guessability factor if you know the prefix.

  18. Mike Crawshaw
    Happy

    @ Lots

    You're all hideously wrong! Never mind, some of them were quite entertaining - especially the Futurama ref. I think some of you guys need to get yourselves on Countdown!

    @ chrisw: I've had the address for years now, I guess people don't auto-add me to their books, or that they haven't been scanned - at least I haven't received spam as a result, either way. Maybe the spam lists can't handle the addy length? (19 chars before the @)

    @ steogede: I could compare Hotmail to a lot of parts of a dog's anatomy, but none of 'em are complimentary.... I mainly use it for legacy reasons (had it for the best part of a decade, before GMail etc) and it's the address I use for a lot of forums etc - I'm just too lazy to change them all!

  19. Anonymous Coward
    Thumb Up

    BoxTrapper

    I tend to use my Hotmail account for registering with websites, then on my proper email account I use BoxTrapper, so unless I've added you as a friend, or new people have replied to the validation email. No Spam gets through my Inbox has remained spam free for the last few years.

  20. Anonymous Coward
    Linux

    Aardvark

    Anyone else here always use Aaron Aardvark as their system test user?

  21. Anonymous Coward
    Happy

    Gmail

    Gmail catches pretty much all the spam I get - plus all the forum post notifications / facebook spam / anything else I can't be arsed turning off on the actual site...

    I also use the username+website@gmail.com thing so if I do actually get any spam I can see exactly who sold my address on and double check their privacy policy before setting the dogs of war loose on them :)

  22. Anonymous Coward
    Thumb Down

    WTF @ Demon

    More importantly WTF are Demon Internet playing at handing out details of e-mails to third parties? Surely this is breach of data protection

  23. Jean-Francois Laforest
    Dead Vulture

    Barracuda Spam Firewall

    Screw gmail, get yourself a barracuda in front of your mail cluster and you're good to go, virus / spam free.

    We cut off about 96% of our mail traffic just by installing one... heck my mail server is sleeping.

    Other solutions work, yet, having more complex names isn't even remotely useful in the near future, they'll just adapt.

  24. Dr Patrick J R Harkin

    So xqqjkl@zjjqxlbxx.com won't get any spam?

    But he sends me so much!

  25. Anonymous Coward
    Anonymous Coward

    Re: Barracuda Spam Firewall

    You might end up with less spam - but I just wish they didn't bother bouncing spam that the SPF record fails (i.e. you bouncing a spam I never f**king sent)

  26. john kent
    Flame

    Too Late..........

    Guess it's too late to change my name. For now I'll just have to use a spam guard like SpamBully to keep myself from drowning in this stuff!

This topic is closed for new posts.

Other stories you might like