Email directory harvest attacks rise 30 per cent

Directory harvest attacks are brute-force attempts by spammers to hijack an email directory

Attacks designed to steal a company's entire email directory rose by 30 per cent in August compared with the figures for July.

Message management firm Postini said its research showed that such attacks traditionally gather pace later in the year. 

"We have historically seen increased malicious connection activity during the end of summer and approaching the winter holiday season," said Scott Petry, founder and chief technical officer at Postini.

"This increase may be a signal that hackers are getting an early start trying to obtain legitimate email addresses in order to launch spam, phishing and virus attacks."

Directory harvest attacks are brute-force attempts by spammers to hijack an email directory, which is then used to launch spam attacks against corporate email servers.

The attacks use a program that guesses at possible email addresses within a domain and attempts to send messages to all of them.

Returned messages are seen as invalid, but addresses that do not bounce back are deemed active and are added to a spammer's database.

As well as stealing the data, the huge amount of mail sent over the corporate network during the attack can slow down the whole email system or cause a denial of service and bring it crashing down.

The highest level of directory harvest attacks in August originated from Seoul, Sao Paulo, Beijing, Taipei, Tokyo, Mittelfranken in Germany, Calgary in Canada and Herndon in Virginia.

Postini said that it blocked 23 million inbound viruses in August, which appeared in 0.45 per cent of all email scanned for the month.