Security Breach?

Discussion in 'The Lounge' started by jfinlayson, Apr 22, 2016.

  1. jfinlayson

    jfinlayson Private E-2

    I registered here back in 2007, using a disposable email address that I have never used anywhere else. I don't recall why I registered -- probably to join a conversation that was of interest to me that has long since been deleted from the site -- but that hardly matters. Suffice it to say that I have probably not been here since 2007.

    I'm back here posting this now because that email address, which has received nothing since the forum welcome email it received upon registration in 2007, just received a phishing attack. The attacker clearly obtained that disposable address from majorgeeks.com -- directly or indirectly.

    No harm to me. I easily spotted it and will simply block and replace that registered email address. But I thought the staff here should be informed of the likely breach.
     
  2. satrow

    satrow Major Geek Extraordinaire

    LOL, so spammers/scammers don't guess at email addresses or write scripts that batch send?

    I once activated a new email address but didn't bother using it at all for ~2 years; when I did log into it after that period, I had 100+ spam mails waiting, not bad considering I'd never used that email.
     
    DavidGP likes this.
  3. LauraR

    LauraR MajorGeeks Super-Duper Administrator Staff Member

  4. joffa

    joffa Major Geek's Official Birthday Announcer

    The company I work for (I am the IT Admin) has several secure internal subdomains (that never appear on the web) with email addresses that are only ever used internally within the company. Several times a year these accounts will get bombarded with spam by scammers that have had a lucky guess. Spam Assassin usually clears most but some occasionally slip through to the recipients who are under instruction to NEVER respond.

    If this is the first spam since 2007 I would start using this email address as it is obviously flying below the radar ;)

    BTW why are you checking an old email account you never use as you state this is the first time back here since whenever......... just asking :confused:
     
    LauraR likes this.
  5. jfinlayson

    jfinlayson Private E-2

    You're talking about "domain spamming". Yes, I've seen the same thing happen with never-used email addresses on known email domains.

    That isn't the case, here. The targeted email address (which I haven't disclosed) consists of an obscure username on an even more obscure domain -- a subdomain, in fact, so it can't be found through registrars. In the rare event that an attacker targeted that obscure subdomain with a domain spam attack, I would have seen the same message sent to other usernames under the same domain. But I didn't. The only username it was sent to was this one -- the one I registered here at majorgeeks.com. This was no guess.
     
  6. jfinlayson

    jfinlayson Private E-2

    Thanks for the thread link. The breach late last year does sound like a likely explanation. I suppose my email address was one of the 270K. Again, no problem for me. I've now changed my email address here (and blocked the old one), so I don't expect to see more spam to it unless there is an ongoing security issue here.
     
  7. jfinlayson

    jfinlayson Private E-2

    That's very interesting. It sounds quite similar to my setup. And I have seen a couple of domain spam events targeting my subdomain, though much less frequently -- it's been several years since the last one, which is why I wrote "rare event".

    This case isn't a domain spam event, however, as I explained above (a few minutes after you posted this). There was no "bombardment", as you say. Only a single username in that subdomain was targeted.

    Heh. You're right, but a new username is even farther below the radar, and there's no reason to keep the compromised one, since I've given it to no one but majorgeeks, so there's no downside to blocking it (i.e., no risk of blocking legitimate email).

    No checking of an old empty email account was involved (that would indeed be a colossal waste of time). It's an old email address -- one that I had completely forgotten about -- but not an old email account. The address routes to the inbox of an email account that collects messages addressed to hundreds of other disposable addresses I've created over the years. When one gets compromised, I just block that one email address. The account remains. It's been a highly effective anti-spam strategy. Indeed, spam is so rare that whenever it does happen, it's an event that I have both the time and interest to investigate and write about on forums like this.
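
The reasoning in posts 5 and 7 (one address per site, and "same message to many usernames" versus "one message to one issued address") can be written as a small triage routine. This is an added example, not part of any post in the thread; the alias names, domains, message fingerprints and function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed registry: alias -> the only site that alias was ever given to.
ALIASES = {
    "mg-7f3k@mail.example.net": "forum-a.example",
    "shop-q9x2@mail.example.net": "shop-b.example",
    "news-l0p4@mail.example.net": "news-c.example",
}

# Constructed inbound mail: (recipient, fingerprint of the message body).
INBOUND = [
    ("mg-7f3k@mail.example.net", "phish-01"),
    ("admin@mail.example.net", "blast-77"),
    ("info@mail.example.net", "blast-77"),
    ("shop-q9x2@mail.example.net", "blast-77"),
    ("news-l0p4@mail.example.net", "newsletter-5"),
]

def classify(inbound, aliases, expected=()):
    """Return {fingerprint: (verdict, source_site)} for each distinct message."""
    recipients = defaultdict(set)
    for rcpt, fp in inbound:
        recipients[fp].add(rcpt.lower())
    result = {}
    for fp, rcpts in recipients.items():
        if fp in expected:
            result[fp] = ("expected", None)
        elif len(rcpts) > 1 or not rcpts.issubset(aliases):
            # Same message to several usernames, or to ones never issued: guessing.
            result[fp] = ("domain-spam", None)
        else:
            # Exactly one issued alias was hit: attribute it to the one site that knew it.
            (alias,) = rcpts
            result[fp] = ("leak", aliases[alias])
    return result

def aliases_to_block(verdicts, aliases):
    """Aliases whose only holder is implicated in a leak; the inbox itself stays."""
    leaked = {src for verdict, src in verdicts.values() if verdict == "leak"}
    return sorted(a for a, site in aliases.items() if site in leaked)
```

Attribution is only as strong as the "given to one site only" rule: an alias shared with a second party, or a short guessable local part, makes the leak verdict unreliable.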
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Actually, you are the first to report a possible breach to their email addy.
     
  9. jfinlayson

    jfinlayson Private E-2

    Do you mean the first report of spam plausibly linked to the breach in which 270K email addresses were swiped from MG in November?

    Because you can't really mean the first report of a breach itself, can you? According to the thread MG admin Laura linked to above, MG sent out an email to some of its forum users acknowledging such a breach.
     
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes, the first spam reportably linked to the breach.
     
  11. jfinlayson

    jfinlayson Private E-2

    That's not too surprising. I'd guess that very few folks here registered with an email address that they never used for anything else. So when spam does get delivered to them, they have no way of knowing with any confidence where the breach occurred. So they will have no cause to report it here. I would not take the paucity of reports as evidence that the 270K email addresses aren't being targeted by spammers (and I'm not suggesting that MG is drawing such a conclusion). It's not like they would pick out a handful from that list and throw away the rest.
     
  12. joffa

    joffa Major Geek's Official Birthday Announcer

    When the company set up the top domain someone (not me) included development in the name so it makes for an easier guess initially. The good thing is I picked the email addresses on the subdomain so they would be very challenging to pick. Usually spam never gets to the recipient's inbox but I see it as the Admin in the "catch all" account and also as deleted in the Spam Assassin logs. The only subdomain and email addresses on the secure subdomain whitelist are company real world email addresses so in our case to get through to the subdomain catch all account it is a very good guess indeed ;)

    Hmmm... maybe it was from MG's security breach :(
    It would be good to do a trace on the spam but it will probably go back to a proxy server somewhere or to someone else's compromised email account (which they won't know about) and then the trail will go cold.....Damn spammers :mad:

    How many email addresses do you have........ jeez I thought I had too many addresses at 20 something although I only use 5 regularly and mostly only my 3 main accounts :cool:
     
  13. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

    Unless it was a continuous threat I would not worry about it.

    I have 5 emails and they all get spam in the spam box just about every day. I only use one or two emails to shop online. But I continuously check to make sure it is working properly. And a lot of my user names and emails are off the wall type as well. My password that I have used in the last 16 years still has not been cracked. And I play a lot of MMOs as well and never had a breach of security.

    It really comes down to how strong your password is. In my opinion that is really all it needs. But if you are careless on opening spam then it would be your own fault.
     
  14. jfinlayson

    jfinlayson Private E-2

    I stopped cataloging disposable email addresses 10 years ago. Based on the rate of address creation back then, I'd guess I'm up to around 1000 by now. I agree that 20-something may be too many if you have to manage them. A thousand is trivial if it takes zero extra effort to create and manage it compared to using an existing email address.
     
  15. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

    I keep all of my email accounts in a text document with all the same password. There is no point in using a different password for multiple emails.
     
