So how did a spammer get my address?

Hi, I have an email address I only use for facebook, and today I got a spam message, how did a spammer get my address?

Perhaps you have a weak password and your account has been compromised.

Run through the "Best Practices" on this site to see if any of them rings a bell: http://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx

Perhaps you have a weak password and your account has been compromised.

Run through the "Best Practices" on this site to see if any of them rings a bell: http://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx

I don't have a weak password, is it possible that a spammer compromised one of my facebook friends computer and obtained my address that way?

Because I use Ubuntu and a pretty secure password.

Perhaps you have a weak password and your account has been compromised.

Run through the "Best Practices" on this site to see if any of them rings a bell: http://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx

I don't have a weak password, is it possible that a spammer compromised one of my facebook friends computer and obtained my address that way?

Because I use Ubuntu and a pretty secure password.

That's also possible, yes.

Perhaps you have a weak password and your account has been compromised.

Run through the "Best Practices" on this site to see if any of them rings a bell: http://www.sophos.com/en-us/security-news-trends/best-practices/facebook.aspx

I don't have a weak password, is it possible that a spammer compromised one of my facebook friends computer and obtained my address that way?

Because I use Ubuntu and a pretty secure password.

That's also possible, yes.

But how likely?

Well, you know your friends better than I do, so are any of them a bit lax when it comes to security? For example, do they accept 'friends' even though they don't know who that person is?

Attackers are always going to target sites with a huge following like Facebook has and if they find a leak somewhere then they're going to exploit it. The Koobface gang were a typical example of attackers who only targeted Facebook accounts. "Koobface" is "Facebook" in reverse you might notice.

Here are a few others:

• Facebook SDK hole leaves accounts vulnerable
• Hacker targets Arab users' Facebook accounts
• Study: Many Facebook users are careless

Well, you know your friends better than I do, so are any of them a bit lax when it comes to security? For example, do they accept 'friends' even though they don't know who that person is?

Attackers are always going to target sites with a huge following like Facebook has and if they find a leak somewhere then they're going to exploit it. The Koobface gang were a typical example of attackers who only targeted Facebook accounts. "Koobface" is "Facebook" in reverse you might notice.

Here are a few others:

• Facebook SDK hole leaves accounts vulnerable
• Hacker targets Arab users' Facebook accounts
• Study: Many Facebook users are careless

Some of my friends have like 1,000 friends. Is it possible they got a worm and it looked at all of his/her friends contact info (my email address would have been there)? And how do you think I could have been compromised?

anyone?

Some of my friends have like 1,000 friends. Is it possible they got a worm and it looked at all of his/her friends contact info (my email address would have been there)? And how do you think I could have been compromised?

I know someone like that. Let me tell you what happened to him. He tried to login one day and got a message asking him to identify seven of his 'friends' from a series of photographs of them because his account had been compromised. Since he didn't know any of these people, he was unable to identify any of them and subsequently lost access to his account.

Some of my friends have like 1,000 friends. Is it possible they got a worm and it looked at all of his/her friends contact info (my email address would have been there)? And how do you think I could have been compromised?

I know someone like that. Let me tell you what happened to him. He tried to login one day and got a message asking him to identify seven of his 'friends' from a series of photographs of them because his account had been compromised. Since he didn't know any of these people, he was unable to identify any of them and subsequently lost access to his account.

No, all of my friends are still active, I just want to know how my email address was compromised as I only use it for facebook. Only 14 people (and facebook of course) can see my email address, so the only other option is, is that a compromised Windows computer on my network sniffed my address over the router and then sold it to spammers but none of my other addresses are being spammed. It is highly unlikely that I have malware myself as I use Ubuntu.

So how do you theorize my address was compromised?

Just because you have Ubuntu installed doesn't mean to say the system is invulnerable to exploits. As these Ubuntu security bulletins clearly demonstrate, there are a number of exploits in circulation affecting the current release, one of which affects email.

You say that you only use that particular email addy on Facebook and that 14 people know what it is. Therefore it stands to reason that either one or other of those accounts has been compromised, or your own system has security flaws.

Therefore it stands to reason that either one or other of those accounts has been compromised, or your own system has security flaws.

Now that is what worries me. Do you think it could be this? But then again I am very cautions. I hardly even browse the web. I mainly just do youtube and facebook and occasionally other sites. And whenever I do browse the random web, I usually use Kubuntu in virtual box. Yes I am paranoid.

So if I am compromised, how come: 1) my other email addresses don't have spam, 2) if I was compromised why would the attacker send spam to me in just one of my email addresses? -but come to think of it, I do fairy regularly receive SPAM friend requests, but never spam emails. Weird.

Therefore it stands to reason that either one or other of those accounts has been compromised

More likely, do you know of any rouge apps/malware that sniff friends's profiles for contact info? Because my email address is clearly listed.

Alright guys, I just checked one of my other address I only use for Yahoo answers and Ubuntu forums, and I HAD A SPAM MESSAGE FROM THE SAME ADDRESS THAT SPAMMED MY OTHER ACCOUNT (rr.com it claims). This eliminates the possibility of it being Facebook entirely. In fact I created this yahoo account in April 22 of this year. I only used it for yahoo answers and this site. And I GET A MESSAGE FROM THE same address!

OMG am I really infected?!?!?!?

Alright guys, I just checked one of my other address I only use for Yahoo answers and Ubuntu forums, and I HAD A SPAM MESSAGE FROM THE SAME ADDRESS THAT SPAMMED MY OTHER ACCOUNT (rr.com it claims). This eliminates the possibility of it being Facebook entirely. In fact I created this yahoo account in April 22 of this year. I only used it for yahoo answers and this site. And I GET A MESSAGE FROM THE same address!

OMG am I really infected?!?!?!?

rr.com is the RoadRunner site. It's owned by Warner Bros and hardly likely to be sending SPAM. What does the email say? Is RoadRunner your ISP by any chance?

EDIT: Check the email headers to see who it's really from. Instructions on how to view webmail headers here: http://support.google.com/mail/bin/answer.py?hl=en&answer=22454

Alright guys, I just checked one of my other address I only use for Yahoo answers and Ubuntu forums, and I HAD A SPAM MESSAGE FROM THE SAME ADDRESS THAT SPAMMED MY OTHER ACCOUNT (rr.com it claims). This eliminates the possibility of it being Facebook entirely. In fact I created this yahoo account in April 22 of this year. I only used it for yahoo answers and this site. And I GET A MESSAGE FROM THE same address!

OMG am I really infected?!?!?!?

rr.com is the RoadRunner site. It's owned by Warner Bros and hardly likely to be sending SPAM. What does the email say? Is RoadRunner your ISP by any chance?

EDIT: Check the email headers to see who it's really from. Instructions on how to view webmail headers here: http://support.google.com/mail/bin/answer.py?hl=en&answer=22454

I didn't think rr was behind it either, I thought it was probably a faked address, but I am not going to open the email to see the header. And no, my ISP is not rr.