We recently signed up for Verizon DSL service, which allows many email addresses so we have one for each of us. As I understand, Verizon assigns each of our email address an internal company account-type name for their files and such. Verizon’s company account name for Mary was resoks40. For some reason, we’ve been getting some spam to resoks40 at verizon.net. Verizon correctly advised me to turn on the spam filter function for Mary’s account, which so far has helped.
Now, we just received this (below) addressed to Mary’s personal Verizon email address. Firstly, I understand that there are many ways for an email address to be compromised. But we’ve been taking great care, yet somehow her email address got out there. I’m upset as it’s a very new address.
Secondly, everything in the email looked very legitimate, all the appropriate gifs and everything. We didn’t respond or click on any of the links within the email. Is it just a good hoax or did an Angela Ermold somehow get ahold of Mary’s personal info and is doing some hinky stuff? Or is it just a great coincidence?
In the capture, there was a line in the middle of account info that I edited out and more links at the bottom that I didn’t have room to capture.
I wanted to post this and make it known in case this is the next up and coming scheme.
That is what the actual confirmation email looks like from Yahoo when you sign up for a Yahoo email account. They send that email to the address you give as your alternative email address to confirm that you entered the correct address. The alternative email address is where they send mail if you request a new password and stuff like that.
I just signed up for a bogus Yahoo account and I got the same email from Yahoo asking me to verify the address I gave as an alternative contact email address.
It could still be a phishing scam that tries to get you to click a link. It is possible that the link could take you to a web page that asks for personal information or tries to exploit a security vulnerability and hack in to your computer. It is also possible that it is completely legitimate and someone mistyped their alternative contact email address when they signed up for Yahoo. It’s hard to be sure, and good to be paranoid.
One way to check is to look at the raw source for the email message. You can look at the link where they ask you to click to remove and check if it does anything phishy. But that requires that you know HTML and are familiar with the various ways of disguising a phishing URL. That’s not something that normal people can do.
If you just ignore the email and don’t respond it’s not going to be an issue for you. It would only be an issue for the person who was trying to sign up for a Yahoo account and the only issue there is that their alternative contact address won’t be confirmed and then Yahoo would stop using it.
Email addresses that are just the first name followed by a last name are vulnerable to dictionary attacks where spammers try to guess an email address by going through lists of common names and putting a random first name together with a random last name and hope that it turns out to be a real email address. Email addresses made up of a first name and last name are also very common and it is possible that someone else was using that same email address earlier before they canceled their Verizon service. Then you end up getting spam and other stuff that was meant for them.
Jacquie and I recently refinanced our mortgage. I did some shopping online, and we actually bought our loan through an online vendor. Guess what kind of spam we’re getting now?
I only blame the vendor in a small part for this. By entering my email address (as I had to) at such sites to get quotes, that email address goes into who-knows-what kinds of databases to spam me with mortgage-related junk. Plus I get a ton of seemingly unrelated mortgage spam through my work email address, based on the assumption that I live in the town where I work (lots of Rancho Cordova in the subject lines).
But it doesn’t end there. We also have gotten dozens of pieces of junk mail, and unsolicited phone calls offering us everything you might want to sell to the owner of a new home. We patiently explain to each that we have not just bought a home, they are wrong in assuming we have, and to take us off the list.
Unfortunately when you change your mortgage lender, some part of that transaction is a matter of public record. So I think a lot of the junk mail and phone calls we get are based on the changes made to county records about the mortgage on our house. Something like that. So they come swarming, offering to sell us alarm systems (ADT was the worst, 3 or 4 calls!) and all sorts of other stuff we don’t need.
Anyway, back to suspicious emails. Yup, lots of suspicious stuff comes in. I get about 1300 pieces of spam email to my work email address each weekend. This is now completely separate from my unicycling.com address, and is hardly used. Doesn’t seem to matter at this point. So good filters and anti-spam software are the way to go.
What will work best for you depends on you email software and usage habits. I can’t use whitelists/blacklists because I accept unsolicited emails from people with unicycle questions all the time. I use Outlook on my PC, and with that I use Cloudmark Safety Bar. On my Mac, with Entourage, I use SpamSeive.
I rarely give out my real phone number. My number is unlisted. And I got a special voicemail and fax number that I give out to all those companies that want a phone number. Then if they actually send a fax or voicemail message, I get it in my email.
As for email spam… I get about 2000 a day. Now don’t I feel special. So if you sent me an email and never got a response, you probably have my old email address or it got lost amoungst the spam. @#$%^&* spam, i hate it. I’m tempted to hire an lawyer to take them to court, but lawyers suck, might be worse than spammers.
From what i read i thought it was just spyware noting your address but when i read further i couldnt believe that people actually do that and so blindingly easy to. I mean form that screenshot it looks identical to when i signed up 2years ago. Hmmmm…i wonder if its the same with the new hotmail accounts???
Gilby, your new avatar looks very cool. I see it as a green light to make a 100 pixel one myself. Is that photo of you from the 2003 NAUCC MUni race? Is it by me or your dad?
Woah, fast response. Gilby’s got his ears on! Yes, I thought that picture was familiar, but didn’t think it would be from so far back!
So that’s before MUni was common, at least at USA conventions. The first time we did MUni events on anything bigger than a “hill.” Dustin Kelm won the cross country race, on a plain old 24" Miyata, and Gilby won what I think was the first-ever NUC Uphill race, also on a plain old 24" Miyata. Both had 125mm cranks.
I’m not worried about you having it, or should I be? It’s mostly just the companies and whoever may be a telemarketer that I don’t want to have it.
Feel free to call me.
(If the number you have for me is a 651 area code, then it’s probably my parents. Mine is a 763 area code, in which case you probably have the correct one for me)