Address harvesting meets word association football

19 July 2005

When I first set up this blog, I decided to pick a new URL for it and rather than sit down and try to come up with a phrase that would fit the blog, just played a bit of word association football: journalist, hack, hacking, cough. Simple. And all over in seconds. Just days later, I've got spam. Nothing to be surprised about even though I've not used the domain for any email addresses. It's simply a consequence of yet another directory harvest attack (DHA) I would imagine. However, it seems that some spammers have got past mailing "info" and "webmaster" and various combinations of first and last names to target domains and started playing word association football themselves.

It seems oddly fitting that the to-address of a couple of pieces of spam that I fished out of the webmail turned out to have been spawned using the very same process. But that is the only explanation for two messages that turned up addressed to "spittle". It took me a few seconds to work out why anyone should choose that word as an address until I looked again at my chosen URL.

I shall wait and see if "furball" and "splutter" turn up any time soon. And I will continue to wonder as to who the spammers were planning on getting through to, unless the purpose of DHAs now is simply to find any address that can get through the defences and possible reach a real person who will then simply hit the delete key. Or maybe its the sysadmins who clean out the flotsam that clogs up email servers who buy the most penis enlargement cream and who are most likely to see the weird names.

In the meantime, spittle at hackingcough.com will be forwarded to Mr BitBucket at DevNull Terrace.