Saturday, February 17, 2007
Honeypots
A honeypot is a type of trap. Originally, it was a pot full of honey that was used to trap a bear because the bear couldn't get its paw out of the trap. There are two types of modern honeypots by definition. The first honeypot variant is a trap to catch malicious software or computer intruders. The other honeypot variant is a trap used to catch, kill, compromise, or create a spy using sex. I believe I've found a variation of the two. Everyone knows that a bit of fibbing goes on in dating web sites. A weight described as "average" either means average or "extra padding" depending upon the person. "Extra padding" translates to overweight, although I've had a date in which the lady was REALLY overweight. One can live with little white lies and such. It's part of the game. Unfortunately, there are two other elements creeping into dating sites. There are the con artists who are preying upon the lonely. These are generally easy to spot. They aren't who they say they are and a lot of them claim to be Americans, but sooner or later, you find that they live in Eastern Europe or Africa. The sites police these people rigorously since they are bad for business. However, there's another element that's trickier and perhaps even tolerated by the site owners. These people pose as the free subscribers. Generally free subscribers have few privileges and if one needs to interact with them, one has to do it through another means such as email or IM. And with IM, you generally use an email address as your irc account username. So, free subscriptions on dating sites gives one almost instant access to people who will give away their email address for the possibility of a date.
Do you see where I'm going with this? Spammers, or people who sell email address lists to spammers, are using dating sites to gather legitimate email addresses. It's simple, it's free, and it's self verifiable, and there's no way to get caught unless they monitor your usage. Chances are that they'll keep you on because they want to impress people with the number of subscribers to their dating site. I've seen the same woman's picture on three different profiles on one site, two in the U.S. (different states) and one in Europe.
Now, let's take it up a notch. What if the entire dating site is one big honeypot, completely illegitimate? I've pretty much found one that's based in Belgium. Google "sex personals and beyond" for the curious. It appears to be completely fraudulent. The ratio of men to women is greater than 5:1, and I'm guessing 90% of the paying women subscribers are phony and that's probably an overly generous assessment. It's the perfect online honeypot. It lures male subscribers with promises of romance and sex. They try to keep them hooked with one liner email replies from fictional "paying" female subscribers. There are many, many more free subscribers than paying subscribers who are female. Most of them appear to be fictional constructs used for gathering email addresses.
The problem is that what I've just described isn't unusual behavior any more for any dating site. It probably comes down to degrees, from mostly legitimate to thoroughly illegitimate. No dating site is transparent due to privacy issues (stalkers) and they are all the perfect cover for scam artists and email address harvesters. The only people who could tell us have no economic or business incentive to disclose how many of their clients or subscribers are real people looking for romance or a date. So, you could describe any of the worst offending dating web sites as a third variant of honeypot, or as a money scam and email address trap at best.
Do you see where I'm going with this? Spammers, or people who sell email address lists to spammers, are using dating sites to gather legitimate email addresses. It's simple, it's free, and it's self verifiable, and there's no way to get caught unless they monitor your usage. Chances are that they'll keep you on because they want to impress people with the number of subscribers to their dating site. I've seen the same woman's picture on three different profiles on one site, two in the U.S. (different states) and one in Europe.
Now, let's take it up a notch. What if the entire dating site is one big honeypot, completely illegitimate? I've pretty much found one that's based in Belgium. Google "sex personals and beyond" for the curious. It appears to be completely fraudulent. The ratio of men to women is greater than 5:1, and I'm guessing 90% of the paying women subscribers are phony and that's probably an overly generous assessment. It's the perfect online honeypot. It lures male subscribers with promises of romance and sex. They try to keep them hooked with one liner email replies from fictional "paying" female subscribers. There are many, many more free subscribers than paying subscribers who are female. Most of them appear to be fictional constructs used for gathering email addresses.
The problem is that what I've just described isn't unusual behavior any more for any dating site. It probably comes down to degrees, from mostly legitimate to thoroughly illegitimate. No dating site is transparent due to privacy issues (stalkers) and they are all the perfect cover for scam artists and email address harvesters. The only people who could tell us have no economic or business incentive to disclose how many of their clients or subscribers are real people looking for romance or a date. So, you could describe any of the worst offending dating web sites as a third variant of honeypot, or as a money scam and email address trap at best.