[ale] OT(ish) Sold or stolen?

Jim Kinney jim.kinney at gmail.com
Tue Sep 2 21:28:28 EDT 2014


The timing is suspicious but it very well could be just a coincidence.
Create a few more random name accounts on the same server, don't give those
out and watch for a few days for activity.


On Tue, Sep 2, 2014 at 8:37 PM, Alex Carver <agcarver+ale at acarver.net>
wrote:

> I have cell service with AT&T and, in their section of the account for
> handling billing information, there's a spot to add an email address for
> billing notifications.  I have long ago opted out of all marketing
> options offered and for many years didn't get much except notices the
> bill is due.
>
> Two years ago I decided to give them a new email address which was a
> randomly generated alias at my domain and hosted on my own server.  I
> had done that with several other companies (bank, credit card, etc.),
> just hadn't gotten around to AT&T yet.
>
> Two years and all was fine.  A few days ago, I suddenly start receiving
> tons of spam attempts (usually blocked by an RBL) and connection
> attempts on my server.  I always have the exim logs showing on my
> screen, I can see emails coming in as it happens including the failures.
>  This was the first time that any of my random aliases were used by
> someone other than the company that has it.  Until this point no one
> tried these addresses because they weren't advertised anywhere by any
> mechanism.
>
> I never gave anyone else that particular alias, I don't use it as a
> username for my online account access, it's not stored in my phone or on
> any address books, and I don't send email from it (receive only alias).
>
> I've already called their fraud department who proceeded to spend 40
> minutes on the phone with me using various levels of technical jargon
> plus pointing fingers to shift the blame away from them (at one point
> they actually said "A third party must have your email address.")
>
> Do you think it was sold and they got caught with their hand in the
> cookie jar or stolen and they don't know there's a breach in progress?
>
> Aside from the fraud group which has advised me that they are opening an
> investigation (maybe) would you suggest I talk to anyone else?
>
>
> Exim's logs show attempts coming in from a vast array of countries
> including Italy, Canada, Switzerland, Brazil, Romania, Argentina,
> Bulgaria, Portugal, Serbia, Germany, Austria, Israel, India, Turkey,
> Spain, Croatia, Venezuela, Columbia, Poland, Iraq (by way of Al
> Jazeera's servers of all things) and quite a few servers within the US
> plus many, many more that I didn't spend time looking up just yet.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
-- 
James P. Kinney III

Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog.
- Speech 11/23/1900 Mark Twain


*http://heretothereideas.blogspot.com/
<http://heretothereideas.blogspot.com/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140902/a437b9f6/attachment.html>


More information about the Ale mailing list