Directory harvest attack

Updated: 04/26/2017 by Computer Hope

A directory harvest attack or DHA is a spamming technique used to find and collect valid e-mail addresses. These addresses are later inundated with unwanted messages, usually advertisements (spam).

How does a DHA work?

Generally, a DHA is attempted as a brute force attack on a specific or multiple domains. This attack involves guessing combinations of common usernames and sending automated e-mails addressed to them. It then determines which ones are valid based on the type of response received by the e-mail server.

For instance, let's say individual attempting a DHA sent an e-mail to [email protected], [email protected], and [email protected]. If the server then replied "invalid address" for the first two but not the third, the attacker would add [email protected] to its list of potentially valid e-mail addresses.

Attack, Automated, Dictionary attack, Network terms, Security terms, Spammer