Help - Search - Members - Calendar
Full Version: Real email address is hidden, right?
The Fountain Pen Network > Miscellaneous > Community Feedback
JDlugosz
Jun 28 2008, 04:52 AM
The real email address I used for this account is not shown anywhere, right? It is only used to send email by the forum software and admins.

I use a unique email address for each use, via sneakemail.com.

I got a 400k message from qb-billpay-errors@billpay.ctcfe.quickbooks.com on this address. If the phishers can't harvest addresses from the message board, how did they get it? Has there been a known security breach and the real emal file gotten out? Does an FPN admin have a virus?

--John
grasshopper
Jun 28 2008, 07:43 AM
John,

You are right - your email address will not be shown anywhere on the board unless you set it to do so. There have been no recent breaches nor do any of us have had any viruses in our personal accounts that I'm aware of - regardless, we'll check up on this and get back to you. Thanks for your patience in the meantime.


raf.

Hans-Peter Ording
Jun 28 2008, 09:12 AM
The spammers don't only use e-mail adresses that they find on the net. They are also making up addresses and try if they work by sending mail to them. So you will get spam sooner or later even if you don't publish your address.

Regards
Hans-Peter
Deirdre
Jun 28 2008, 09:14 AM
QUOTE(Hans-Peter Ording @ Jun 28 2008, 02:12 AM) [snapback]653802[/snapback]
The spammers don't only use e-mail adresses that they find on the net. They are also making up addresses and try if they work by sending mail to them. So you will get spam sooner or later even if you don't publish your address.

It's called a dictionary attack, and Hans is right.
Col
Jun 28 2008, 10:44 AM
QUOTE(Deirdre @ Jun 28 2008, 10:14 AM) [snapback]653803[/snapback]
QUOTE(Hans-Peter Ording @ Jun 28 2008, 02:12 AM) [snapback]653802[/snapback]
The spammers don't only use e-mail adresses that they find on the net. They are also making up addresses and try if they work by sending mail to them. So you will get spam sooner or later even if you don't publish your address.

It's called a dictionary attack, and Hans is right.

Dictionary attacks are most commonly made against the MX of a domain known to be active. To be anywhere near effective, a considerable number of delivery attempts would be required, which I think might have been noticed, if not by John. And once a valid user name is discovered, you can bet it would receive more than just the odd junk email.

Anyway, If John has use-specific email addresses, a dictionary attack is unlikely to be effective as IME they usually depend upon the use of personal names as the user name. I do something similar to John, except that I tend to make higher-exposure addresses time-expiring: 0608@mydomain.com for web purchases, for example. My usenet address is black-holed in the DNS - one of the advantages of running your own servers.
Elaine
Jun 30 2008, 03:42 PM
QUOTE(JDlugosz @ Jun 28 2008, 12:52 AM) [snapback]653705[/snapback]
The real email address I used for this account is not shown anywhere, right? It is only used to send email by the forum software and admins.

I use a unique email address for each use, via sneakemail.com.

I got a 400k message from qb-billpay-errors@billpay.ctcfe.quickbooks.com on this address. If the phishers can't harvest addresses from the message board, how did they get it? Has there been a known security breach and the real emal file gotten out? Does an FPN admin have a virus?

--John


The message was your invoice for the ink. You provided your email address when you ordered the ink. That email address is used for sending the invoice and any correspondence about the ink. It is not made available to anyone anywhere.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2008 Invision Power Services, Inc.