Using Email Harvesting to Mitigate Risk and Detect Online Fraud  

We spend a lot of time talking about Web data harvesting and collection here on the Deep Web University and often forget to talk about email harvesting and how it can benefit users.

In today’s posting we uncover how we harvest email content and explore two case studies that illustrate how risk managers and security officers are using email harvesting to mitigate risk and detect fraud.

The Email Harvester

EmailHarvesteringLet’s start with the basics and explain what the email harvester does. Put simply, our email harvester collects and stores all the text based content from emails that are sent to accounts you can access. Included in the email harvest are the body text, the sender, the subject line, as well as all of the HTTP header information.

For most of our users set-up of harvests is typically done by the our data acquisition team. Our acquisition engineers typically require the email address, password, and server name to harvest email content. All the harvests can then be configured to run on an ongoing schedule.

The Honeypot Email

Our email harvester only harvests content from email accounts that our end-users can directly access. Most of our customers create what we refer to as a “Honeypot” email account, which receives email from multiple sources into one pot or location. Our customers typically forward emails or subscribe to specific newsletters with the Honeypot account and use that account for the harvesting portion of data.

But the question remains, who can benefit from harvesting content in email newsletters? We’ve seen most of our success stories come from harvesting email for risk management.

Monitoring Potential Threats Through Email Newsletters

Our first case study begins with a risk management customer that was struggling with tracking movements and events by groups looking to potentially cause their organization harm. The specific risk management customer had realized that these groups were not typically sharing information about upcoming events directly on their website for easy access to anyone, but sharing this information to subscribers to their newsletter.

To help track these specific events, we augmented Web data collected from traditional, publicly available open sources like social media and websites, with harvested email newsletters from over 30 different groups through the use of a Honeypot email alert. This allowed risk managers and security officers to automate the collection process and receive up to date information about upcoming events.

Detecting Fraud Through SPAM Email Campaigns

A major luxury goods manufacturer was seeing profits hemorrhaged by the sale of fraudulent and counterfeit goods online. To help detect fraud, we set up AuthentiWeb to harvest content from sites that were selling manufactured goods illegally and assist in identification of the largest perpetrators.

SPAM email was a major source of fraud. Customers were being tricked by what seemed like legitimate emails. As a result, we included the ability to harvest email content in an automated fashion from SPAM emails in their AuthentiWeb deployment. The automated collection of emails from SPAM campaigns gave insight into which domains and individuals were contributing most to the sale of counterfeit goods.



Photo: AJC1