HUNDREDS of phishing emails!

Starting at 4:47 EDT today I started getting a steady stream of phishing emails, all different but all with the modus operandi, to one of my email addresses. Right now it’s up to about 700 and still coming. Each one is from a different sender, different subject line. Most of them are telling me I have a new account, give a link to login, and give my new username and password. Some are just total nonsense.

Isolated incident? Spammer server gone crazy? Some new trend?

Jane! Stop this crazy thing!

Sounds like a spammer used your address as their from address when they sent out their latest batch of mail.
Either that or it’s possible they populated their list wrong and your name ended up in the To field for everything.

I had that happen to me once (spammer used my address as from address so I got all the bounced emails). Got to work, loaded up Thunderbird and it suddenly thousands of emails started pouring in. Once it got to the point where I couldn’t use my computer I turned it off and called the company that handles my email. I told them what I thought was going on and asked if they could shut my account down, delete everything and turn it back on. They did, but they also said they had caught it hours earlier and had actually shut it down then. This was just everything pouring from their server to my computer. I want to say I ended up with something like 8 or 10 thousand emails to delete.

I have my own domain name and this email address is set up just to forward mail to my wife’s and my individual accounts, so I shut off the forwarding, and turned on the spam filter. That mitigates the impact but the mails are still coming.

There is a type of attack where someone who is using your bank or credit card accounts fraudulently sends you thousands of spam emails to distract you from emails regarding the fraud. So be sure you are tracking for any unusual activity in case this is just a smokescreen for the real fraud.

I remember reading back in the day when magazine cheshire labels were printed with stencils. The Readers Digest machine got stuck and one of their subscribers got five copies one day. The next day, the mailman dragged over two mailbags from the truck. The third day a semitrailer pulled up…

These are still coming and up to around 2,000. They include messages in English, German, Spanish, Italian, Greek, Chinese, Japanese, Russian, Portuguese, French.

I’m not really sure what the game is here. They don’t read like typical phishing attacks.

This is my WAG too. Unfortunately you now have a zillion bots all sending you phishing emails until the scammer turns them off or sends the correct target list.

Does your hosting provider offer any assistance? They may be able to implement traffic filters beyond what you can.

This appears to be the issue. I just discovered that my Amazon account has been hacked. The emails from Amazon to show the orders were swept up in all the spam emails, which are clearly just a diversion.

First, I received a couple of duplicate orders at my home of things I had ordered recently. So I checked my account, and oddly none of them were showing in “Your Orders”. Then my wife noticed that we got an order confirmation (buried in the spammy stuff) for a $50 Sephora gift card that we didn’t order. Then another the next day. I checked my credit card account and saw the charges.

Then I looked for the orders on my Amazon account and they weren’t there. That was a head-scratcher. Then I discovered a feature called Archived Orders. I have no idea why this feature exists but you can move any order in your order history to the Archived Orders list. So when you go to Your Orders, you no longer see them. So the scammer was hiding the orders this way. I looked at my Archived Orders, all the fraud orders were there.

I changed my password and email address, and removed all my payment methods, and hopefully that will resolve it.