Directory harvest attack
Directory harvest attack (DHA) is a technique used by spammers to collect valid email addresses from a particular domain. This method involves sending a large number of emails to different possible addresses within a domain and recording which addresses do not result in a bounce-back message. The addresses that do not bounce back are considered valid and are then targeted for spam.
Mechanism[edit | edit source]
A directory harvest attack typically involves the following steps:
- The attacker generates a list of potential email addresses using common names, words, and patterns.
- The attacker sends emails to these addresses.
- The attacker monitors the responses to identify which emails bounce back as undeliverable.
- The attacker compiles a list of valid email addresses that did not bounce back.
Prevention[edit | edit source]
Organizations can take several measures to protect against directory harvest attacks:
- Implementing rate limiting on incoming email traffic to detect and block suspicious patterns.
- Using CAPTCHA challenges for email sign-ups to prevent automated systems from generating email addresses.
- Employing email address obfuscation techniques to make it harder for attackers to guess valid addresses.
- Configuring mail servers to not reveal whether an email address is valid or not in bounce-back messages.
Impact[edit | edit source]
Directory harvest attacks can lead to an increase in spam, phishing attempts, and other malicious activities targeting the harvested email addresses. This can result in decreased productivity, increased security risks, and potential damage to the organization's reputation.
Related Pages[edit | edit source]
This cybercrime related article is a stub. You can help WikiMD by expanding it.
Navigation: Wellness - Encyclopedia - Health topics - Disease Index - Drugs - World Directory - Gray's Anatomy - Keto diet - Recipes
Search WikiMD
Ad.Tired of being Overweight? Try W8MD's physician weight loss program.
Semaglutide (Ozempic / Wegovy and Tirzepatide (Mounjaro / Zepbound) available.
Advertise on WikiMD
WikiMD is not a substitute for professional medical advice. See full disclaimer.
Credits:Most images are courtesy of Wikimedia commons, and templates Wikipedia, licensed under CC BY SA or similar.
Translate this page: - East Asian
中文,
日本,
한국어,
South Asian
हिन्दी,
தமிழ்,
తెలుగు,
Urdu,
ಕನ್ನಡ,
Southeast Asian
Indonesian,
Vietnamese,
Thai,
မြန်မာဘာသာ,
বাংলা
European
español,
Deutsch,
français,
Greek,
português do Brasil,
polski,
română,
русский,
Nederlands,
norsk,
svenska,
suomi,
Italian
Middle Eastern & African
عربى,
Turkish,
Persian,
Hebrew,
Afrikaans,
isiZulu,
Kiswahili,
Other
Bulgarian,
Hungarian,
Czech,
Swedish,
മലയാളം,
मराठी,
ਪੰਜਾਬੀ,
ગુજરાતી,
Portuguese,
Ukrainian
Contributors: Prab R. Tumpati, MD