PDA

View Full Version : Interesting - do you think sites sell email addresses?



jimnyc
11-12-2012, 01:53 PM
I'm not prepared to name the place just yet. But I joined another political board, and for security reasons, created a new email address. I know for a fact that this was the only place it was used. This was about 1 month ago. I also have my email address hidden on this other board and other members cannot contact me in anyway other than PM. So either the email provider is somehow insecure and spammers got my address, or the site I used this email for. I logged in and have 331 spam emails, 299 of them detected in the spam box and the rest of the junk in my inbox. This is a VERY rare combination of letters, numbers and characters, so no way in hell it was guessed by a bot or similar.

I know for a fact that some sites do this, but generally generic sites that have a opt-in mailing list for newsletters and such. This is a political website, where the owner owns a bunch of forums.

What are the odds that this email was guessed? Or do you think the email database was sold, which does happen often?

I'll give an idea of the address, but obviously not the one, just an example - dragon.32Abytr&cD$@emailaddress.com < ------ very similar to that

tailfins
11-12-2012, 01:57 PM
It could be that the political site has malware that passes on emails unbeknownst the owner. BTW: Nice testing strategy!

aboutime
11-12-2012, 02:00 PM
jimnyc: No doubt. Some still buy lists of email addresses. But there's no need for anyone in business to BUY them. They are everywhere, and AOL was the original, with Microsoft who PHISHED for email addresses from personal pc's, and Apple products long ago.

It has become so bad. Some of the hackers who use long lists of gathered email addresses...even use them to spam by using personal email addresses...to send spam to almost everyone who doesn't have the ability to block POPUPS, or those who have no firewall's installed.

If there is a way for the CHEATERS to cheat. They already are using the methods. No matter what you try to do.

Sometimes. I have received email messages from MYSELF, where someone used my name, my email address, and whatever they found to send SPAM to me.

That's why this Internet Thing is, and always will be what I call "FRED". Frickin Rediculous Electronic Device.

jimnyc
11-12-2012, 02:05 PM
It could be that the political site has malware that passes on emails unbeknownst the owner. BTW: Nice testing strategy!

I hate spammers, and I hate people that sell databases even more. I belong to quite a few sites where there are sales of websites, traffic, domains, graphics.... And yep, you see the sale of large databases of emails as well. They are supposed to be completely opt-in, but obviously that's not always the case. And in this particular case, having over 300 spam mails, in one month, when the address was used only once, makes me wonder. Granted, they could have a virus or such, but my email "should" be protected in the SQL database and somewhat encoded. It definitely wasn't found by a "scraper" which monitors the internet and finds addresses that are written out or in profiles.

It's no big deal to me, since I used a toss away email of sorts, and this is exactly why I don't use my normal address.

jimnyc
11-12-2012, 02:07 PM
jimnyc: No doubt. Some still buy lists of email addresses. But there's no need for anyone in business to BUY them. They are everywhere, and AOL was the original, with Microsoft who PHISHED for email addresses from personal pc's, and Apple products long ago.

It has become so bad. Some of the hackers who use long lists of gathered email addresses...even use them to spam by using personal email addresses...to send spam to almost everyone who doesn't have the ability to block POPUPS, or those who have no firewall's installed.

If there is a way for the CHEATERS to cheat. They already are using the methods. No matter what you try to do.

Sometimes. I have received email messages from MYSELF, where someone used my name, my email address, and whatever they found to send SPAM to me.

That's why this Internet Thing is, and always will be what I call "FRED". Frickin Rediculous Electronic Device.

As the old saying goes - NOTHING is ever truly private on the internet. But I would still like to think that many sites have a code of ethics, at least to an extent. There will always be the bastards that scrape and do whatever necessary to acquire tons of addresses and bombard each one. But it's the "legit" sites that end up selling off addresses for a buck that annoy me even more.

mundame
11-12-2012, 02:40 PM
Well, you know much more about all this than I do, Jimmy, I can see, but I was on a forum once where something did get in and trap or copy all the emails and then it sent messages to us all with that "traveler" scam where a message comes to everyone privately that one of the members -- named -- is travelling in Scotland and has everything stolen, so please send money. We all laughed, but they did get our emails.

The site owner went crazy, and upgraded software and put out warnings, and so on. So I guess something bad got in.

gabosaurus
11-12-2012, 02:53 PM
I know for certain that many internet message boards sell e-mail addresses. They also allow trackers on their sites.
Other boards block users with Ad-block.
That is why I have a different e-mail address that I use when signing up for things and joining message boards or discussion groups. It gets about 400 spam mails a week.

aboutime
11-12-2012, 03:48 PM
As the old saying goes - NOTHING is ever truly private on the internet. But I would still like to think that many sites have a code of ethics, at least to an extent. There will always be the bastards that scrape and do whatever necessary to acquire tons of addresses and bombard each one. But it's the "legit" sites that end up selling off addresses for a buck that annoy me even more.


jimnyc: Totally agree. In no way did I mean to infer, or suggest that THIS forum is guilty of such things. If that is how you read my post. I apologize.

Abbey Marie
11-12-2012, 04:21 PM
I long ago set up one email for public use, and one that only select people and groups have. It has worked well. I rarely get any spam at all in the good account. The other one is a wreck, hah.

I did the same with our phone number. I never give out the real one. Our family has the fake one memorized for those situations where a cashier asks for it. It's easier than flat-out saying no. ;)

jimnyc
11-12-2012, 06:05 PM
jimnyc: Totally agree. In no way did I mean to infer, or suggest that THIS forum is guilty of such things. If that is how you read my post. I apologize.

Don't worry about it, that's not what I thought! :beer:

mundame
11-12-2012, 06:31 PM
I long ago set up one email for public use, and one that only select people and groups have. It has worked well. I rarely get any spam at all in the good account. The other one is a wreck, hah.

I did the same with our phone number. I never give out the real one. Our family has the fake one memorized for those situations where a cashier asks for it. It's easier than flat-out saying no. ;)

I do all that, too.

The phone number is usually the previous home number, or maybe a long-dead work number. It's just crazy to give them real numbers, they just sell it or make endless calls! And that gets by the do-not-call because they can claim a "previous relationship."



Here's an issue -- zip codes. Best Buy tried that on (gave it up) and it was declared illegal in California to demand zip codes with a credit card. Our Tractor Supply Co. does it and since we found out what they were up to, we don't ever give it, I just say, "No." Too late, though: when we gave it once early they matched it with our credit card name and looked it up in a reverse phone book automatically I'm sure and now send circulars to us forever and ever, years and years.

People think they want zip code just to keep track of their customer draw area, but that isn't so: they use it to learn EVERYTHING about us and do mailings and so on. I hate this kind of thing because it's sneaky. I can be a very good customer if stores are open and aboveboard with me, but not if they are sneaking around.

gabosaurus
11-12-2012, 07:06 PM
I will give my zip code if that is all they ask for. I won't give any other personal information.

Some of these alleged "free sites" ask for a credit card number. Just for "security" in case you "misuse their site."
My husband gave a false credit card number to an alleged "free" business site. They e-mailed him a few days later and said his account had been suspended because his card number could not be verified. When my husband wrote back and asked why they ran the number, since it was supposed to be just for security, no one replied. So he called and they put him on hold, never to pick up again.

Abbey Marie
11-13-2012, 12:24 AM
I guess I'll add a fake zip code to my repertoire.

:beer:

mundame
11-13-2012, 06:47 AM
I used to use easy-to-remember passwords, pretty much the same one or two. But after eBay and Yahoo both had big trouble with "me" --- I came to eBay after not being there some months and found 18 emails from their management escalating into threatening and finally they had simply suspended my password and asked that I pick a new one. Someone had cracked it and was doing scams, of course. They had worked it out that it wasn't me, so that was all right. But I felt bad that someone had been able to do crime by stealing my too-easy password.

And this April we both had to get new bank cards because of mystery charges. So I thought about that and went around and hardened all my passwords I could think of, using weird historical dates and names combined in some cases, that I don't think could be guessed or programmed into a computer program for stealing passwords. I haven't had any trouble since, so far.

gabosaurus
11-13-2012, 12:28 PM
Hey Jim, you should read this. It will conform your suspicions:

http://www.propublica.org/article/yes-companies-are-harvesting-and-selling-your-social-media-profiles

jimnyc
11-13-2012, 01:35 PM
There's never been a doubt in my little head that the larger companies which have hundreds of thousands of addresses play games with them. But I was more or less referring to the little guy. Let's say I only have 5,000 addresses and can sell it for $20, or between say 10 boards or so I own, I have about 100k addresses, and can sell this database multiple times at $100 a pop. The database is just as valuable to the buyer no matter how many times sold. I can see big stores and such leaking them out, but a small time owner of forums? I guess unethical is unethical, but I've always been more careful with the big boys and was less concerned when joining a political forum.