SPAM has my HOME address!

Discussion in 'privacy general' started by Luxeon, Aug 10, 2008.

Thread Status:
Not open for further replies.
  1. Luxeon

    Luxeon Registered Member

    Joined:
    Mar 20, 2007
    Posts:
    127
    I just received a SPAM e-mail with my first name AND my home address in the subject line. It is one of those "consolidate your debt" mails.

    Is my computer compromised? Should I scrap my e-mail address (Ameritech says I can't ditch my address, but that I can create a new one)?

    This is really ticking me off, because I have a pretty decent security setup, and surf cautiously. As mentioned in a thread below, I had mass quantities of spam, and suddenly it went down to almost zero.
    Just as suddenly it started again. There must be a security breach somewhere. It could be my computer...but, could it be another which has my home address?

    Edit: I finally found some info.:
    http://spamwars.com/archives/2006/07/index.html

    Scrolling down to July 12, you can see that this person had a similar issue.

    Bob
     
    Last edited: Aug 10, 2008
  2. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    (I didn't check that URL).

    While I don't know your personal situation, I'd be inclined to DELETE that email address. The company says it can't ? Tell them you'll go to the competition if they won't accommodate you.

    If they won't help you, it's really worth considering getting a different ISP.
    If you switch, Ameritec will probably delete your old email address, and even if they won't, they will probably deactivate it, so that any spammer will probably get the impression that they send spam to a non-existing email address.

    Then make sure that your email setup is reasonably safe, don't allow html or automatic confirmation of incoming mail.

    Of course, if you are really in a serious debt situation, and your data may be all over the place, it's a different matter.

    And it may be worth checking your computer for the presence of any malware. I don't know the best way to do that, Counterspy 2.5.1043 with updated definitions may help, 15 days free fully-featured trial, checking the computer with a good antivirus is a good idea, maybe a rootkit scanner (Sophos' antirootkit software is reasonably easy to use). Of course, the only way to be sure that your PC is clean is to reformat the harddrive and reinstall the OS and the rest, assuming that software is clean !

    I myself have experienced more than one security breach (not referring to my computer). Just try to clean up as best as you can.

    Other people probably know more.
     
  3. Luxeon

    Luxeon Registered Member

    Joined:
    Mar 20, 2007
    Posts:
    127
    Thanks for the info.

    Actually, my debt is very low, and my credit is excellent.

    I recall SBC Ameritech/Yahoo telling me I couldn't dump my email address, but I could create another. I was floored!
    I have had good results with them so far, so I am reluctant to change ISP.

    I did forward the header to the FTC and my ISP.

    This really is strange! I religiously use NOD32, Zonealarm Pro, Spybot, a router/firewall, and keep everything up to date. My computer and router (pretty much everything) is password-protected, using different (and highly complex) passwords. This is why I am perplexed: I am following good computing hygeine.
    However, I know nothing is perfect, so maybe a "rootkit scanner" is a good idea.
     
  4. NetTraveler

    NetTraveler Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    134
    Location:
    Amsterdam Netherlands
    You could add spammers mailing address to your hosts file together with Spybot S&D host file. Best would be to rename old Hosts and get fresh one from http://www.mvps.org/winhelp2002/hosts.htm
    I would also scan computer with HijackThis and post the log here if I were you..
    Hope this will help little..
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    I'm afraid a hosts file won't have any effect on incoming email spam, and besides that, return addresses on true spam are almost never their real email domain.

    Luxeon, while it is possible you have some kind of complicated and hidden infection, it's not usually the case. It's more likely the information was pulled together outside of your system with some kind of cross referencing of the information available about you. If you've ever posted your email address in public and use the same address and name on forums and/or newsgroups, and ever include your location (city, state), then people can fairly easily tie it together. This is even easier if your email address contains your real fullname, of course.

    I really suspect that's how this was done. You may want to check the posts and profiles you've made anywhere that you've publicly displayed your email address. Maybe do a few search engine queries on your email address and name to see what can be found.
     
  6. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I've never posted my email address or any personal data on any forum.
    There are some organizations that have it, like security software vendors, some others.

    More than once I've experienced that (some of) my data were leaked, shared, stolen/lost. That's just the danger of having your personal data in organizations' databases.
     
  7. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    You know, I'm going to go against the tide here and say don't delete that email address.

    Keep it.

    Why?

    Simple. If someone has that much information, tied to my email address, I'd want to keep it so that it has no reason to bounce to some unwilling victim resulting in your email/address/personal information being spread to even more people.

    And as much data mining that happens anymore, there is no way to prove or assume that your PC has been compromised, its likely that someplace that you have a business agreement and has all the information sold their database to someone else, and they are emailing everyone that they have records for.
     
  8. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    That makes sense ! I'm not sure if I agree though.
     
  9. KookyMan

    KookyMan Registered Member

    Joined:
    Feb 2, 2008
    Posts:
    367
    Location:
    Michigan, USA
    I can't help it, I'm a fan of "Occam's razor," which basically says that the simplest answer is probably the right answer.

    While its nice to think that your important enough to hack directly, compromise your network security, scan your hard drive and pull off information such as emails, names, addresses, etc, is it true that you are?

    I don't know about you, but I don't think I actually have my address anywhere on my computer. Sure, I've entered it into web pages on occasion when I purchase things, but its not stored on my system.

    Let me ask you a few questions, just for consideration, I don't need you to post an answer here.

    1. Have you filled out and returned a warranty card lately for a new purchase?

    2. Have you recently signed up for any "Loyal Shopper" programs, like the Best Buy Reward Zone, frequent airline flier, or with a local grocer? I know the grocer programs (scan the card at checkout and get a discount) have been notorious for data mining, selling details of what people buy to third parties.

    3. In the last six months, have you filled out or submitted anything, to anywhere, that would have both your name and email address on it? Irregardless of what it was dealing with?

    If any of the above were a "Yes," I think you may have discovered "how" it happened. And as you can assume, it would all be a lot easier than breaking into your home network.

    As something to check out, if you haven't already this year, request your free credit report from each of the big three vendors (by law you get to request one free report a year from them. Without signing up for anything.) and see if your email address is on them. If so, I think you may have just found your leak. Especially considering that you said it was for debt consolidation.

    Hope that helps give some ideas.
     
  10. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    :thumb: Yes.
    think hard about where you have made any purchasers and from whom: what makes you think their security is sound.
    It sh#ts me off that even by subscribing to various organisations/ professional associations/ school alma mater lists /professional journals/ service organizations/ even charities with supposedly clear cut privacy charters that one ends up on mailing lists, e-mail lists, call outs etc etc etc...blech..
    Information is for sale. information can be mined.

    LOL, I think I told the story how my local video rental shop wanted Driver's License, e-mail, home address, home phone, and PASSPORT to join.
    Absurd. o_O

    My own employer wanted me to send my PassPort through the mail !! for them to check or even (as I was unwilling to do that)to copy the passport and fax through to an open office a copy of the passport LLooLL. This was after having worked for them for 10 years.
    The same organisation had just sent out a "send all" e-mail to over 200 people IE all 200 had the e-mail addresses of all other 200 on at least 200 boxes scattered across NSW :eek:
    These guys are suposed to be guardins of our information: Absurd.

    Needless to say I had a minor explosion with the regional director :cautious:

    @Luxeon
    You may be secure with your own efforts and privacy: how about those around you including friends, let alone any other cretins who may have other access to your details ??
    Dont go through hoops to change the e-mail: you'll still get spammed: filter, block, put up with it ...when you hit 200 spams /day ...:gack:...;)
     
  11. Luxeon

    Luxeon Registered Member

    Joined:
    Mar 20, 2007
    Posts:
    127
    LOL! The passport thing is nuts!

    Excellent info, and thanks again for the help.

    Passport?!?!? LOL!!!!!!!!!
     
Loading...
Thread Status:
Not open for further replies.