Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Has this website been hacked or are you selling your users emails to Spammers?


  • Please log in to reply
15 replies to this topic

#1 JamesLast

JamesLast

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:51 AM

Posted 11 June 2011 - 06:05 AM

I created this account with Bleeping Computers on the 6th of June.

I registered under the fictitious name "James Last". I have never used the name "James" or "Last" in any combination to register with any website.

Will the operators of this website please explain this:


The day after I registered with you I started receiving spam email (at the address I used to register with Bleeping Computers) from "Casino Rewards" addressed to "James". I am now getting spammed once a day EVERY DAY by these people.

Worst Still, the content of this email, when displayed, points to a malicious hacking website - which thankfully my trial version of MBAM blocked.

I have never received any form of spam prior to this as it's a recent "virgin" email address. And now I am getting spammed by NAME - The name I use on Bleepingcomputers.com?

I'd be very grateful if you could explain this. Of course, if you delete this post, then I'll have my answer.

Thank you in advance of your response

"James Last"

BC AdBot (Login to Remove)

 


#2 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:05:51 AM

Posted 11 June 2011 - 07:24 AM

I've notified the moderators and asked that a response be given from them.

#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,404 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:51 AM

Posted 11 June 2011 - 07:39 AM

FWIW: You posted on 8 Jun, indicating that you have a number of system issues, http://www.bleepingcomputer.com/forums/topic402046.html/page__p__2279661#entry2279661 .

In restrospect, it seems that your system may be infected by malware of unknown origin, since your problems all seem to merge to the same time period.

Louis

Edited by hamluis, 11 June 2011 - 07:41 AM.


#4 JamesLast

JamesLast
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:51 AM

Posted 11 June 2011 - 11:27 AM

FWIW: You posted on 8 Jun, indicating that you have a number of system issues, http://www.bleepingcomputer.com/forums/topic402046.html/page__p__2279661#entry2279661 .

In restrospect, it seems that your system may be infected by malware of unknown origin, since your problems all seem to merge to the same time period.

Louis


If you remember I was having hardware issues. Seems a bit unlikely that an infection went under the radar of realtime MBAM protection, Adaware, AVG, combofix then proceeded to frazzle two of my Ram modules and fry my PCI card, while at the same time somehow intercepted my Email address while I was registering with this website to send me customized spam using my bleeping username. I'd better check that it didn't defrost my freezer and reprogram my central heating!

#5 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:04:51 AM

Posted 11 June 2011 - 11:38 AM

If this site sold email addies, it wouldn't be what it is today. Which is one of the most trusted communities and sources in the online security field. I've been a member here for almost 7 years, and not once have I received spam in the accounts I've used here as you described. So it's safe to say that BC is not the source. Also, if the site had been hacked into in any way, the members would have been made aware by the admin staff. We were not, and thus it wasn't.

As for your hardware issues, experience any lightning storms recently? Sounds like you experienced a surge of power that fried some components. I'd seriously look at replacing the PSU or at least testing a different known good one in the machine.

I can't see the email address you used to register here (and frankly I really don't need to), but if you used james (in any combination of caps/lowercase), then it's likely that it 'saw' the name automatically in your address. The address could have been gleaned by just about any ad, on any page you visited around the time you registered (not necessarily here on BC). Some email providers are more prone to spam than others, specifically: yahoo, msn, hotmail, live, gmail (any .com, .net, .co.uk combination of either of those) and you might have just 'gotten lucky' with the email address. There's no rime or reason to spam. You just deal with it. Mark as spam and move on. If it becomes an issue, ditch the addie, and start again.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#6 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:04:51 AM

Posted 11 June 2011 - 11:42 AM

Also, I strongly recommend you go into your profile and make your email private. Anyone can click on your profile and send you emails from there. It is in the realm of possibilities that a spammer who hasn't posted wasn't caught and is sending spam to members with their emails public. Not very likely, but still a precaution everyone needs to take.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#7 woodyblade

woodyblade

  • Members
  • 670 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:51 AM

Posted 11 June 2011 - 12:53 PM

You could try using http://www.spamcop.net/ and reporting the email there (you have to register an account to report spam), it worked for me on my main email account, stopped my spam there, was getting it for 5 months until about mid April and haven't had any since although with the PS Network break in I got some to my other email recently which stopped about a week ago, you have to report 3-5 emails (when I've used it) but generally it should stop after that, they email network/isp/email admins with the source of the email you give them which can be copied when/if you sync your email into Thunderbird (you can do it in other email clients but not sure how?).

Basically open Thunderbird, select the spam email, then to the right middle of the Thunderbird window you should be able to see a button labelled "other actions" click that, then select "view source", a window will open showing some text, copy and paste that into the text field on Spamcop (when you have registered an account and logged in) and select "Process Spam".

It details the email servers/servers the email passes through on it's way to your inbox and basically allows the admins on the email service to use that information to block those emails or if your lucky the IP Address can be tracked to an ISP who will kick them off the network (or at least I assume they do?), in my case the two sets of spam emails were tracked to a Russian based IP address/ISP and a UK based IP address/ISP.
I wouldn't know if it works for all spam since the emails I got were pretty predictable time wise i.e. every day roughly between 3-5am my time for the first lot (the Russian based IP I mentioned) and 3-5pm ish for the second lot.
You can read other stuff in the other parts of the website and help section.

Edited by woodyblade, 11 June 2011 - 12:57 PM.


#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,853 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:51 AM

Posted 11 June 2011 - 01:43 PM

I find that JamesLast is a very common name on the internet. Common names are more apt to get targeted early on by spammers. If you also have one of those common e-mail providers as mentioned by Galadriel, it would be a piece of cake for a spammer to hit paydirt, so to speak, with a live address. Note, it is important not to post your e-mail address on websites etc. as it can be easily harvested by spam-bots.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#9 Wildabeast

Wildabeast

    Bleeping Lurker...


  • Members
  • 1,253 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nebraska, USA
  • Local time:05:51 AM

Posted 12 June 2011 - 06:16 AM

I've registered with more sites than I can count. This is the only site that uses the name "Wildabeast" and I've never recieved any email with that name in it that did not come from here.. :blink:
"The nine most feared words in the english language, 'I'm from the government, and I'm here to help'..."
Ronald Reagan

#10 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:06:51 AM

Posted 12 June 2011 - 06:43 AM

Also, I strongly recommend you go into your profile and make your email private. Anyone can click on your profile and send you emails from there. It is in the realm of possibilities that a spammer who hasn't posted wasn't caught and is sending spam to members with their emails public. Not very likely, but still a precaution everyone needs to take.


@JamesLast: To emphasize what Galadriel already suggested: You may want to change your E-mail setting to "Private" in your Contact Information
Your control panel> Settings> Notification Options> Privacy Settings> (CHECK) Hide my email address from other members

Yours is public.

Posted Image

Just my .02 :)

Edited by Union_Thug, 12 June 2011 - 06:47 AM.


#11 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:05:51 AM

Posted 12 June 2011 - 08:50 AM

Concerning public email here at BC:

When used to email a member this is what is seen when the email is delivered: (I enabled send me email long enough to use my daughters BC account to send myself a mail using that option. I promptly disabled it after my test)

Posted Image

It is possible that a spammer could send spam this way, but you would know that he/she used
Click here to e-mail me on your profile to send it. A rather tedious way to send spam, since the spammer would have to go to each profile and look to see if a member has it enabled.
Also, when YOU receive the mail the address the sender used when signing up for BC will be available to you when you view the mail properties and headers. The spammer will have NO mail in his/her sent box showing YOUR address. Spammers, being a creative and dedicated bunch of buffoons, may have a way to retrieve and keep your email address even though they have no record of it.

IF JamesLast is a part of the email address, all a spammer has to do is stick a domain name at the end of it and you get the spam.

As for the mail you are receiving, you can set up a rule or a filter so you never see the mail. Have it deleted from the server and it will never make it into your inbox. Email clients will allow you to set up a rule. If you use web based mail, look to see if you can set one up for the spam.

Edited by Queen-Evie, 12 June 2011 - 08:56 AM.


#12 Guest_RadioNorthsea_*

Guest_RadioNorthsea_*

  • Guests
  • OFFLINE
  •  

Posted 12 June 2011 - 09:24 AM

it is important not to post your e-mail address on websites


Good answer!
When you would let see your email addres, take care that it is a fake email addres.
Example: Your email addres is: jb@jabbedabbedoo.net, than take you care, that you have another email addres.
When you visit the World Wide Web via the search engine, than find you lot of email Providers, you can than from these Providers, find an email address.
If you found, than for example again: You create an email addres as hoppa@usa.com.
It is not smart when you let see your real email addres.

By the way: James Last, funny nick name. :thumbup2: James Last had beautifull music, so you can say: I am famous.

#13 JamesLast

JamesLast
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  

Posted 13 June 2011 - 07:54 AM

Thanks for that.
I guess I'm amazed that a website like this would not make members email addresses private by DEFAULT!



Also, I strongly recommend you go into your profile and make your email private. Anyone can click on your profile and send you emails from there. It is in the realm of possibilities that a spammer who hasn't posted wasn't caught and is sending spam to members with their emails public. Not very likely, but still a precaution everyone needs to take.


@JamesLast: To emphasize what Galadriel already suggested: You may want to change your E-mail setting to "Private" in your Contact Information
Your control panel> Settings> Notification Options> Privacy Settings> (CHECK) Hide my email address from other members

Yours is public.

Posted Image

Just my .02 :)



#14 JamesLast

JamesLast
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:51 AM

Posted 13 June 2011 - 08:00 AM

I wasn't altogether serious about site selling email addresses. It was more a mixture of jest and annoyance. But whatever happened, it probably happened here. As I said in previous post, I find it surprising that new users' emails aren't made private by default - especially as much of this site is concerned with fighting hackers, malware etc. Maybe it's something the administrator needs to address?

p.s. I couldn't see my own email address either, although I've now checked the option to make it private.

If this site sold email addies, it wouldn't be what it is today. Which is one of the most trusted communities and sources in the online security field. I've been a member here for almost 7 years, and not once have I received spam in the accounts I've used here as you described. So it's safe to say that BC is not the source. Also, if the site had been hacked into in any way, the members would have been made aware by the admin staff. We were not, and thus it wasn't.

As for your hardware issues, experience any lightning storms recently? Sounds like you experienced a surge of power that fried some components. I'd seriously look at replacing the PSU or at least testing a different known good one in the machine.

I can't see the email address you used to register here (and frankly I really don't need to), but if you used james (in any combination of caps/lowercase), then it's likely that it 'saw' the name automatically in your address. The address could have been gleaned by just about any ad, on any page you visited around the time you registered (not necessarily here on BC). Some email providers are more prone to spam than others, specifically: yahoo, msn, hotmail, live, gmail (any .com, .net, .co.uk combination of either of those) and you might have just 'gotten lucky' with the email address. There's no rime or reason to spam. You just deal with it. Mark as spam and move on. If it becomes an issue, ditch the addie, and start again.



#15 JamesLast

JamesLast
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:10:51 AM

Posted 13 June 2011 - 08:02 AM

I'll give spamcop a whirl. Thanks.

You could try using http://www.spamcop.net/ and reporting the email there (you have to register an account to report spam), it worked for me on my main email account, stopped my spam there, was getting it for 5 months until about mid April and haven't had any since although with the PS Network break in I got some to my other email recently which stopped about a week ago, you have to report 3-5 emails (when I've used it) but generally it should stop after that, they email network/isp/email admins with the source of the email you give them which can be copied when/if you sync your email into Thunderbird (you can do it in other email clients but not sure how?).

Basically open Thunderbird, select the spam email, then to the right middle of the Thunderbird window you should be able to see a button labelled "other actions" click that, then select "view source", a window will open showing some text, copy and paste that into the text field on Spamcop (when you have registered an account and logged in) and select "Process Spam".

It details the email servers/servers the email passes through on it's way to your inbox and basically allows the admins on the email service to use that information to block those emails or if your lucky the IP Address can be tracked to an ISP who will kick them off the network (or at least I assume they do?), in my case the two sets of spam emails were tracked to a Russian based IP address/ISP and a UK based IP address/ISP.
I wouldn't know if it works for all spam since the emails I got were pretty predictable time wise i.e. every day roughly between 3-5am my time for the first lot (the Russian based IP I mentioned) and 3-5pm ish for the second lot.
You can read other stuff in the other parts of the website and help section.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users