Hi, When I sign up for a website, I put my email address as website name @ my domain.com - i've been doing this for years because I have a catchall address (means anything sent to my domain comes to me) and it lets me track where spammer's get my email address (and also lets me block them by blocking that particular To: address). So when I received some spam address to minidiscforums I was abit annoyed; I always set my preferences to "Hide my other email address from other members". Here's the spam I received by the way: From: Tdpitus <email@example.com>
To: minidiscforums@ (my email address)
Subject: re:your resume
Date: Thu, 20 Jul 2006 01:29:46 +0800 (Wed, 18:29 BST)
edict salad chief fool ([i]this line was written in white to trick spam blockers)[/i]
We have found your resume on Job web site, and would like to offer you vacancy in our company.
If you interests, more detailed information you can receive on ours web
site: [url=http://www.****.us/]http://www.****.us/[/url] ( please send us email for more information )
nab lace inept mba [i](this line was written in white to trick spam blockers)[/i]
We look forward to your reply.
errand bids flown choir [i](this line was written in white to trick spam blockers)[/i]
Miller & Morgans inc.
My comments in italics.
I've received other spam too, probably about 10 different ones all addressed to minidiscforums @ my domain.com
So if my details were hidden, either Minidisc forums are selling our details (very unlikely), or there's a security hole in Invision Power Board (which this forum runs on), or most likely, when this site was hacked into a little while ago all our details were stolen, and subsequrntly sold on / distributed.
Other repurcussions are that alot of us probably use the same logon and password at multiple sites; you might want to change your passwords (unless Invision encrypts that data securely? - perhaps a Forum Admin could answer that).
Thanks for reading, I'm not blaming Minidisc forums btw, I'm just making you aware of this as yet unknown repercussion of the break-in's (and I hope Invision does encrypt login details!).
I got some more spam, so I'm back to see what I can do about it.
I just did a WHOIS lookup at Register.com against each of the domain's I've received spam from.
They're all registered to Gerald Gorman (firstname.lastname@example.org, tel 9086960929, maybe he's the guy who hacked into the forums?
Check for yourself, here's all the domain's I've had spam from:
Actually the last one is owned by Ultimate Email.com, a webmail provider. It asked me to give 1-206-338-3737 a call and ask for Joshua Otero:
Here's the email:
From: Joshua Otero <email@example.com>
To: minidiscforums <minidiscforums@my domain.com>
Subject: outermost message from Joshua Otero
Date: Wed, 12 Jul 2006 22:15:08 +0000 (EDT) (23:15 BST)
No required tests, classes, books, or interviews.
indwell bison refection travail implicate larkspur coulomb anamorphic shanghai forbade
dim tart, supposition adjudicate iv bergson wavelet metabolic quetzal busch convince ronald
airborne deportation .trifle bandy creosote hurty paterson superfluous expectorate bygone whish
bandstop! atmosphere homeomorph. monologist dormitory infinitum gymnasium ode ransack. elisha kochab remus scream.
Your Joshua I'm going to try and find out more about this Gerald guy... well I just noticed the domains are full of random adverts, all in the same style, looks like this is deffinetely the guy spamming me. OK I'm gonna see if I can track him down... well he's incorporated in New Jersey as NJ Domains inc, supposedly. I'm not American though so Google's not showing me search results relevant to American's like what I need. OK I'll use Yahoo, that's dumb enough to give me results that'd normally be useless to me... OK I couldn't find the American equivalent of Companies House (http://www.companieshouse.gov.uk/) but I did find a department to ask, hopefully they'll get back to me with some useful info. There's laws in the US against spamming, I'm quite certain I could sue Gerald. Well, he sure owns a lot of domain names!: http://www.google.co.uk/search?hl=en&q...earch&meta= That's a line off the site (that's duplicated on each of his domains) so I'm sure a WHOIS on any of them would turn up Gerald Gorman. EDIT: Looks like Gerald Gorman is the name all the addresses relating to Mail.com are registered to, so maybe he's not the culprit. Damn. Found him! According to various sites, this is the work of one Robert Soloway, so reknowned a spammer there's a Wiki page about him (probably because Microsoft sued him successfully for spamming hotmail users!), here: http://en.wikipedia.org/wiki/Robert_Soloway Well, looks like he's a bit out of my league if he's that well-known. Nonetheless, perhaps this could help law-enforcement prove he buys email addresses for the purpose of sending unsolicited email. <B>EDIT: 4AM</B> Don't worry, I'm usually up til 6 (and then I wake up at 10; who needs sleep ). Anyway, I've just posted over at SpamCop's forums on the legal side of this, here.