Woodworkforum Members emails compromised?

[carazy]

Just thought I'd let the administrators know that there is a high possibility that email addresses of woodworkforum members may have been compromised.

Whenever I register with any website I use an exclusive email address. Eg [email protected] or [email protected]

so I can easily track and tell if websites sell off my private information to spammers /third parties. I've received a couple of spam recently to my [email protected] email address. This email address is only ever used here and never appears anywhere else. It seems to be predominantly a paypal phishing site that does the spamming.
(Note: I also uncheck the box in the user CP that says "member can email me" whenever I join a site and only use PM's)


Here is the header info
Return-Path: <[email protected]>
X-Original-To: [email protected]
Received: from ads.asnetworks.de (ads-mail.asnetworks.de [85.190.0.139])
for <[email protected]>; Fri, 17 Aug 2012 04:21:04 -0700 (PDT)
Received: by ads.asnetworks.de (Postfix, from userid 1154)
id 9A729175C438; Fri, 17 Aug 2012 13:20:43 +0200 (CEST)
To: [email protected]
Subject: (#243) Your PayPal account has been limited.
From: PayPal <[email protected]>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <[email protected]>
Date: Fri, 17 Aug 2012 13:20:43 +0200 (CEST)


The body contains some spiel about paypal security and this line

Confirm that you're the owner of the account by updating your account information. Personal form: Download [links to paypal.com.14329.newamericangrill.com/PayPal-Update/PayPal.Verification.Form.2012.pdf.html]

-------

Just thought I'd let you know.

[ubeaut]

Hasn't been compromised through the forums at least untilnow when you have published it for all the world to see in an open forum.

May have been from your own email account or from an email received by you from the forums or another member. That email address until now would be safe on the forums but not necessarily on your computer or someone elses if it had been used to send an email message.

Neil

[carazy]

Neil by your response I can see you aren't quite getting the gist of what I'm saying.

Firstly nothing in that header info gives away my REAL email address. "mydomain.com" is what I typed there instead of my ACTUAL domain name. Everything is real except I have replaced the domain that I own with the letters "mydomain.com" to show how I track emails and to obviously maintain privacy while still publishing the header info in the open forum for people to see. I work in IT as my profession so I know what I'm talking about and also what I'm doing. So stating that there is a high likelihood of compromised emails isn't some whimsical remark. It's based on pure logic and a systematic method of tracking where and from who, spammers obtain my email address from (I'm not saying woodworkforums has sold my email address, I'm just saying that there is no way that email address should be in the hands of spammers. The only place they could have obtained it is from here.

To simplify it. If I were joining the apple forums I'd create an email address and sign up using [email protected]
youtube --> [email protected]
and so on.
So if youtube ever sold my email address to spammers I'd see that youtube.com@tracker..... was the recipient and know exactly where the spammer got my email address.


The only place that [email protected] is ever used is in here, That's the whole purpose of identifying how that singular email address gets out to spammers. I have unchecked "allow other members to send you email messages" in my preferences (They can PM me if they wish and I've never had to use that as of yet).
So it definitely isn't from members emailing me because I've never enabled that feature.

It isn't used for correspondence ever anywhere else, merely as a login to this forum and only here. (Oh and my security here at my end is pretty rock solid. Some of my work entails the install of Enterprise grade firewalls for my clients so it's in my best interests to be in the know regarding that too).
And that is why I started this thread.

[Robson Valley]

No spammers yet for me.
I like your address "tagging" style. Once a year, I make up all new return address labels for my snail-mail. Slight changes to the Capitalization, Street address, PO box info and so on.
So help me, I'd swear that some junk mailers have managed to scan my label!

I am fond of writing "deceased" across my address and Return To Sender.

[Drillit]

Neil,
Having been twice a victim of card fraud (including in the last 2 weeks), I think forumites need to be certain that there is not a problem having regard to Carazy's comments. Can I suggest that the matter be closely reviewed and any changes necessary are made. You cant be too careful. Having said that I am not sure that from what I have read that there is a general problem and if so what is required to be done. However, I do wonder how some people seem to get our email addresses. Drillit.

[Groggy]

Gents, no matter how secretive or secure your email address is you may sometimes get spam.

Some of these mongrels use software that generates billions of emails to guess your email address. They start with registered domains and go from there, trying all permutations and combinations and spewing out millions of emails.

I can't say this is the case here but it is possible. I have some unused email addresses on obscure servers that get spam and this is the only explanation I can think of.

[carazy]

Unfortunately in this case most forum members would use their day to day email and I assume some use their business email address to register and so spam coming to it wouldn't be an anomaly as it was with me. I posted the header information so that if some other forum members did start getting paypal phishing emails from

ads.asnetworks.de (ads-mail.asnetworks.de [85.190.0.139])

or even noticed a similar link like
paypal.com.14329.newamericangrill.com/PayPal-Update/PayPal.Verification.Form.2012.pdf.html

in it then something could be done about preventing this in the future. However most people don't read spam and and probably just delete it straight away. Unfortunately the ones who do read it may actually be naive enough to be caught out and give their paypal details to these scammers as their forum address might also be their registered paypal address. I also considered random email generation, however to randomly generate "woodworkforums.com" then append it before the @ symbol to a randomly generated @tracker.SomeOtherDomain.com leans greatly into the realm of improbable.

It is definitely worth the admin/s looking into.