Rummaging through their mail as I sometimes do (mainly out of curiosity, but sometimes I still receive mail from people at their house) I noticed what at first looked like junk mail from a well-known national ISP. Fortunately, I noticed that it said “welcome aboard!” or something to that effect, and I opened it up to find out that my parents credit card has paid for a nice new account with this company.
The problem, of course, is that they never did any such thing themselves (they’re perfectly happy with their friendly local ISP). A quick check with the credit card company verified that, in fact, this ISP has billed VISA for a month’s worth of their services (not too expensive, fortunately, only $11 for the first month).
The letter from the ISP contained the username and password for this account, so I put my detective hat on and decided to take a peek at what, if any, e-mail would be in this account that was activated just a few days previous. As it turns out, it was about 1,200 pieces of spam, about 1/3 of it with current dates on it, and about 2/3s with dates in the year 2000.
A check on Google’s usenet archive (how complete is that thing, anyway? I know it used to have some gaping holes in the late 1990’s or something after they acquired the whole thing from DejaNews) I find that the exact e-mail address belonged to a person who posted in various nasty xxx newsgroups in 1996 and 1997.
SO, the general question here is this: what in the hell am I dealing with here? Has their credit card number been stolen by a spammer? Is this a common problem? In general terms, how would a crime such as this be perpetrated? (note, of course, that neither I nor, I imagine, The Chicago Reader, have any interest in specific details on how to commit credit card fraud) And, probably most importantly, what are some not-so-obvious precautions we should be taking to lessen the chances of this ever happening again?