According to the Symantec security blog, there is a new tactic of harvesting / guessing email addresses from every domain name. Hackers have programs that run through all possible first names attached to company domain names. For instance – firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, etc. Testing all dictionary names against public domains (basically almost all domains) and check to see if they get a bounced email or if they are accepted. More importantly Symantec is claiming SMALL businesses are being specifically targeted for private information, through means like spam guessing and servers hosted within a business Mostly because they are more careless about their information and security protection practices.
Here is what the blog says:
In fact, cybercriminal see SMBs as a prime target. Back in July, we talked about how some types of attacks more frequently target SMBs. We keep finding examples of why SMBs can’t let down their guard when it comes to security. Recently, we’ve seen targeted spam attacks become a problem for small businesses.
For example, spammers are increasingly using a traditional technique called a ‘dictionary attacks’ against SMBs. This trick uses dictionaries of first names and last names combined with a target domain. Spammers generate millions of potentially valid email addresses for a single domain. Spammers might try the following name and/or word variations:
An attack like this can be a problem for a large enterprise – even those with anti-spam technology in place – because the servers are still forced to accept the email connection, even if they are going to reject it because the user doesn’t exist. But imagine how this can impact an SMB with a server designed for 250 or fewer users.