Results 1 to 8 of 8
  1. #1
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    966
    Thanks
    19
    Thanked 4 Times in 4 Posts

    Angry Stolen email address from Windows Secrets

    It appears that someone in the Windows Secrets organization has accessed [at least] my email addr. In the last week, I had received a number of spam emails to the disposable email addr I previously used for WS.

    According to my WS forum settings, only administrators can send me email (I don't know if this means that they can actually access the email address).

    Since that email addr was only used for WS, the leak had to come through here. I am not aware that WS rents out their email list. So who at WS has access to user email addresses and could have taken them or sold them?

    BTW: I have since changed that email addr.

    Here is an excerpt from one of the spam emails:

    Received: from [41.82.74.191] by web190107.mail.sg3.yahoo.com via HTTP; Sun, 06 Nov 2011 06:21:36 SGT
    X-Mailer: YahooMailClassic/14.0.11 YahooMailWebService/0.8.114.317681
    Message-ID: <1320531696.6625.YahooMailClassic@web190107.mail.s g3.yahoo.com>
    Date: Sun, 6 Nov 2011 06:21:36 +0800 (SGT)
    From: Brenda Moyo <brenda.moyo12@yahoo.co.th>
    Reply-To: xxxxxxxxxxxx
    Subject: Woody's forums: Hello <<<======
    To: undisclosed recipients: ;
    MIME-Version: 1.0
    Content-Type: multipart/alternative; boundary="-1728339616-249150080-1320531696=:6625"
    X-DEA-MAIL-FROM: brenda.moyo12@yahoo.co.th
    X-DEA-RCPT-TO: My old (now defunct) email addr on WS
    X-DEA-INFO: * Replies will be sent through Spamex to brendamoyoc@yahoo.in

    ---1728339616-249150080-1320531696=:6625
    Content-Type: text/plain; charset=utf-8
    Content-Transfer-Encoding: quoted-printable

    Hello
    =0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0 A=0A=0A=0A=0A=0A=0A=0A=0A=

    ...

  2. #2
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Hello ibe98765,

    Thanks for reporting this matter. Rest assured that the Windows Secrets Lounge does not sell or rent member email addresses out.

    We are looking in to this and will get back to you shortly.

  3. #3
    4 Star Lounger I.M.O.G.'s Avatar
    Join Date
    Mar 2011
    Location
    Rootstown, OH
    Posts
    589
    Thanks
    11
    Thanked 28 Times in 23 Posts
    I've reviewed your current account settings and there is no accessibility to your current email address here through the WSL. Only admins and mods have access to it.

    The most common way people scrape email addresses from forums is by downloading vcards, but I see you have that disabled in your account settings.

    If you can forward the full spam emails in question to matt.bidinger at inetinteractive.com I will investigate further.
    Matt Bidinger
    Online Community Engagement

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    It's curious that the spammer referred to the Lounge as "Woody's forums," which was renamed to Windows Secrets almost exactly two years ago. Is it possible someone might have gained access to an older email archive or database file?

  5. #5
    4 Star Lounger I.M.O.G.'s Avatar
    Join Date
    Mar 2011
    Location
    Rootstown, OH
    Posts
    589
    Thanks
    11
    Thanked 28 Times in 23 Posts
    That is strange that it references Woody's forums - it implies they have outdated information from somewhere, as it hasn't commonly been called woody forums for quite some time.

    So the only way the email would have come from that is if it was made available in the past somehow through the version of software used previously - I know nothing about the software used prior to the upgrade to vBulletin which is used currently. There is no access to the old information currently, anything like that is behind firewalls and secured within iNet's hosting environment.
    Matt Bidinger
    Online Community Engagement

  6. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by I.M.O.G. View Post
    I know nothing about the software used prior to the upgrade to vBulletin which is used currently.
    In November 2009, we converted from a heavily customized set of Perl scripts named W3Threads to Invision Power Board. There was a period of overlap for testing, and then the old server was running for a while so we could resolve some transitional issues. Eventually, the old server was shut down at some point. We converted to vBulletin in January of this year.

    With all the different hosts for the lounge over the years, it would be hard to track down where someone might have picked up one or more email addresses. But in that case, you would expect many more reports.

    To ibe98765: Is it possible there was a breach at Spamex? If you identified the address as associated with "Woody's forums" when you set it up with Spamex, that would be worth investigating.

  7. #7
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    966
    Thanks
    19
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by jscher2000 View Post
    To ibe98765: Is it possible there was a breach at Spamex? If you identified the address as associated with "Woody's forums" when you set it up with Spamex, that would be worth investigating.
    No, just checked. I have it identified as Windows Secrets.

    I think the best guess is that as said above, someone managed to get their hands on an old dB backup/archive that contained the email address. Then sold the dB to a spammer.

    But then again, if that were true, then others should also be getting spam mail with this title. The problem though would be that unless someone were registered with a spamex type address, they wouldn't really know how the spammer got their email address and so probably wouldn't report it here.

    In any case, I changed my registered email addr here and dumped the old one, so I won't be getting any spam any longer.

  8. #8
    4 Star Lounger I.M.O.G.'s Avatar
    Join Date
    Mar 2011
    Location
    Rootstown, OH
    Posts
    589
    Thanks
    11
    Thanked 28 Times in 23 Posts
    The subject of your spam was Woody's forum, so that is a pretty good giveaway if anyone is receiving that sort of spam - I would expect more members to report receiving something like that if it were a breach that in any way related directly to the membership DB.

    Keep in mind also, our hosting arrangement is behind some pretty sophisticated firewalls, designed to stand up to financial security regulations as we do process credit card transactions which means we have strict security regulations to follow.

    I had mentioned it before, but I'd like to ask again - If you could forward me the spam emails you received, I could look into their source and do more to attempt to trace back the spam.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •