Someone bought a new email list!

Crawl out of bed, put on a pot of coffee, check my email and what do I see? My spamblocker summary report. That’s not terribly unusual. I get a couple of spam emails a day. Usually I catch them before the report is generated and delete them from my suspect email folder. Today, let me see… One, two, three… many. I stopped counting after 100. I estimate over 300 spam emails were sent to me overnight, mostly from blocked domains. More than a few were from an address I blocked, since it’s from a defunct business I was with, and a couple were from BeelzeBob, whom I blocked (and told him I was blocking him) because he refused to take me off of his mass mailing list and I was tired of his Teabagger and racist shit. I don’t know whether to be annoyed that someone(s) tried to send hundreds spam mails, or amused that they went to all that work and their attempts were all deleted before I even saw them. (The summary report says who was blocked, the subject, the date, and why the mail was blocked. I don’t actually receive the mails.) All they did was provide fodder for a groggy Sunday morning thread on a message board.

I just wish my spamblocker had an auto-infect feature that bounces the spam back to the senders and infects their computer with a nasty virus.

Odd that you should mention it. I got an email from TiVo, which I had discontinued at least two years ago because we got a DVR from our cable company, which alerted me to the fact that TiVo’s email list had been hacked and that it was possible my first name and email address may have fallen into the worng hands.

That message was in my “Suspect Email” folder when I logged in a couple hours ago and there are no new messages there now. I’m braced for an onslaught, but I also noticed that as of February my “Known Spam” folder count has remained low. Right now it’s at 10! I have to assume my ISP has stiffened its rules for things slipping through to “suspect” level.

Was TiVo among your senders?

No ‘tivo’ in the list of spams on the list.

My question was poorly phrased: I meant have you had TiVo as a former “authorized” sender? My understanding of their message today was that since I used to receive email from them, and was therefore on their mailing list, that I was subject to weird new messages due to their stolen email list.

I’m trusting my Spamblocker to dump a large percentage of unwanted spam and to screen the rest to my “suspect” list.

Just to clarify the TiVo content, here it is:

========================================
Dear TiVo Customer,

Today we were informed by our email service provider that your email address was exposed due to unauthorized access of their system. Our email service provider deploys emails on our behalf to customers who have opted into email-based communications from us.

We were advised by our email service provider that the information that was obtained was limited to first name and/or email addresses only. Your service and any other personally identifiable information were not at risk and remain secure.

Please note, it is possible you may receive spam email messages as a result. We want to urge you to be cautious when opening links or attachments from unknown third parties.

We regret this has taken place and apologize for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.

If you have unsubscribed in the past, there is no need to unsubscribe again. Your preferences will remain in place.

Sincerely,
The TiVo Team

=========================================

Heck, I don’t even have my credit card issuers on my approved senders list! :stuck_out_tongue: I just let them go to the suspect folder.

I’ve never used TiVo, so they would not have my address. If I had dealt with them, I would juet let their emails go to Suspect.

Those are smart moves. I tend to do that, too. In fact, when I have the choice to “add to contact list and move to Inbox” versus “move to Inbox” I usually don’t add them to contact list.

In spite of such precautions, I have had some unauthorized mailings sent from my email address in sizeable quantities, on more than one occasion, prompting me to change passwords and that sort of thing. It’s been quite a while since the latest invasion. I just hope my ISP has patched that hole.

I would pay quite a hefty sum of money for such a feature. I’d pay even more if I could somehow afflict each spammer with a nasty case of hemmorrhoids.

I’ve never had those. Are they worse than explosive diarrhea?

The Tivo thing was part of this:

http://www.securityweek.com/massive-breach-epsilon-compromises-customer-lists-major-brands

I got one from New York and Company that said the same thing as the Tivo one.

I have Gmail and I’ve never had spam make it into my inbox I don’t think, and legit email never really seems to go in the spam (I do always glance before deleting at the headers). So this is annoying but if they only have my email, then whatever. Just wish I had a “spam” and a “legit” account but I was always too lazy for that.

What? Spammers? :smiley:

Eh, except the actual sender is most likely some innocent person who happens to already have a virus, which is how the spam got sent out in the first place.

If spammers were sitting at their own computers using their own email addresses and email clients, we probably wouldn’t have a problem with spam.

Somebody’s been busy. A couple of Facebook friends posted this morning that they’d had notifications from Kroger and the College Board that their email databases had been compromised also. Then found this news report:

Edit: Ninjaed by myskepticsight!

In the case of spoofed addresses, I was thinking that the auto-infect feature would go after the originator in the header.

Of course, my auto-infect anti-spam would have to have an anti-auto-infect feature. And a double-secret auto-infect to infect the spammers who have auto-infect themselves so as to punish people who are trying to punish them. :stuck_out_tongue:

I got an email yesterday from Kroger (grocery store where I’m signed up with their club card) that their email list had been hacked.

This is what it says:
Kroger wants you to know that the data base with our customers’ names and email addresses has been breached by someone outside of the company. This data base contains the names and email addresses of customers who voluntarily provided their names and email addresses to Kroger. We want to assure you that the only information that was obtained was your name and email address. As a result, it is possible you may receive some spam email messages. We apologize for any inconvenience.

Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted.

We got the same message from Best Buy and Chase. This Epsilon company must be a busy place.

FWIW, I only got the one deluge of spam.

I got an Epsilon notice from Best Buy and Target.

Weird thing is that I’ve been getting copies of the same spam at my X email address that I am getting at Y, where Y is the one I use to sign up for things like Best Buy and Target.

Good thing is that spam filters are working hard and the spam is subsiding.

My roommate didn’t quite have that, but he did have a feature that sent back a failure notice, with the idea being that whoever sent it would think the address invalid and would never send it again.

BTW, my spam count is normal. Two or three a day, ever since I moved to Gmail 3+ years ago.

Haven’t had any unusual amounts of spam (yet), but interestingly I got an e-mail from Air Miles (which I don’t think even operates in the US, unless things have changed recently) reporting that their e-mail list had been hacked as well. Looks like a lot of companies use that same e-mailing service!