Random Posts

Tuesday, March 26, 2013

How to Avoid Being Harvested by Spambots

One of the primary ways spammers get email addresses is by stealing them from websites. They do this by using "spambots," computer programs which automatically troll web pages and harvest email addresses.   It is important to protect your address so your address doesn’t get ‘harvested.’  My former employer was a great place to get these in one’s email…the Chinese were especially good at it. Using the tips and tricks below will be effective at stopping most spambots.

"Munging" Your Address:

This involves modifying the addresses on your site in such a way that they are invalid but easily fixed by human beings; the second is to hide addresses on your pages so spambots cannot find them.

You can make your address technically invalid by inserting random text that spambots won't be able to recognize as not being part of the address, but most human beings will understand they need to remove before sending to you.

Zartajubow@example.Zom (replace the Z with T and  C)

Spambots will still harvest these addresses, but when spammers send to them their messages will bounce. Unfortunately, this continues to create traffic on the network and your mail server.  Also many legitimate visitors to your website will incorrectly demung your address and therefore be unable to send messages to you.

The second strategy is to hide addresses from spambots so they are never even harvested. If you want to hide your addresses from spambots, you must understand how they work. Most spambots find addresses by looking for patterns of text that look like an email address. For example, email addresses always contain a @.  Spambots therefore scan the text of a webpage to find any @s. If you eliminate the @ from addresses then most spambots won't be able to recognize that your addresses:


While this hides your address from spambots, visitors to your site will often still incorrectly demung your address, or not even recognize it is an email address, and therefore be unable to contact you.

A more sophisticated version of hiding your address, which still allows human users to see the addresses without any apparent munging, involves using ASCII character codes. For example, if you want to represent an @ you can either use the character itself, or you can use it's ASCII character code: @ (ampersand number-sign six four semi-colon).
If you use the ASCII code then human visitors to your site will see an @ because their browsers automatically translate the character code.  Most spambots currently do not recognize the codes and therefore ignore addresses created with them. The following addresses will all appear the same if they are included in the HTML of your site:


For a full explanation see the article at Project Honey Pot

Online Dangers

PC World article on the 17 most dangerous sites on the Web…must read!

Tips from the Pros: Top 5 Ways to Stay Safe Online:

Stay up-to-date, stay paranoid, stay protected. That's the message from the security experts we spoke with while developing this story. Here are a few of their top tips and suggestions for protecting your computer against malware and hackers.
1) Keep up on patches.
Be sure to run Windows Update, as well as the software update features in the other programs that you use every day.
2) Be password smart.
As tempting as it is to use the same password in multiple places, don't. And use longer passwords, too-they're harder to crack. If you have lots of accounts to manage, use a password manager. (See "GPUs Power Games, Crack Passwords," for more on this issue.)
3) Use security software.
That may seem self-evident, but it can help block malware or software that is acting suspiciously, and security software companies are hard at work devising new ways to stop infections be­­fore they ever reach your PC. Check our antivirus and security software page regularly for the latest on security products.
4) If it sounds too good to be true... well, you know the rest.
No, someone in a faraway land isn't really offering you millions of dollars. No, attractive women from Russia probably aren't seeking you out specifically. No, those aren't magic cure-all pills.
5) Assume that everyone's out to get you.
PC security is one area where it pays to be paranoid. Just remember that no security software is fail-safe, and that you're still the one sitting at the keyboard. Assume that no site is safe. And don't automatically trust a link or file download, even if a friend sends it to you.