Mitigating BOT-based Methods for Email Address Harvesting and Spamming

preprint OA: closed
View at publisher

Abstract

Email databases are continually being updated with the inclusion of active email addresses collected from different sources by hackers and spammers for their illicit purpose, including spamming and sharing. The presence of multiple valid email addresses in the headers of chain and multi-recipient email messages increases the chances of successful harvesting. This paper investigates and exposes a bot-based technique for email address harvesting from email messages, including chain email messages and emails sent to multiple recipients. Experimentation results demonstrate the designed Bot's effectiveness in misusing technologies to collect email addresses from the header and body of email messages. Also, the experimented method and user studies demonstrated the XOAuth authentication mechanism's inefficiency in blocking mailbox access and email address harvesting. The comprehensive illustration of the design shall be beneficial to design techniques for detecting and mitigating such bots. The paper also suggests a few mechanisms that can be put in place to prevent this type of email address harvesting significantly and also designs a mitigation method to detect and mitigate the designed Bots of this nature.

My notes (saved in your browser only)

Citation neighborhood (no data yet)

We don't have any in-corpus citations linked to this paper yet. The paper's references may be in our DB but unresolved to ``paper_id`` (resolution happens at ingest when the cited DOI matches a row we already have). Run the cross-source citation reconcile pass to retry.

Source provenance

europepmc
last seen: 2026-05-19T01:45:01.086888+00:00