Spam to plusnet-specific Email address.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: Spam to plusnet-specific Email address.
Re: Spam to plusnet-specific Email address.
19-01-2015 9:27 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It was a simple scenario. I'll rephrase it even simpler:
1. I find out the domain name of a plusnet user.
2. I now automatically have their billing email address.
3. I can send them spam
4. Multiply by several thousand
Is that possible? Can anyone answer yes or no (and if no, then an explanation why it isn't possible).
Let me clarify this even more. My Plusnet web space is http://www.username.force9.co.uk. ok? That address exists in DNS, as I presume does every other PN user's web space.
If I remove the "www" from that, and add "postmaster@"or "username@", I get a legitimate billing email address...in fact the address or addresses I am currently getting spam sent to.
Is this not a legitimate and perfectly feasible way to identify the email addresses of an ISP's users?
You know what a turtle is? Same thing.
Re: Spam to plusnet-specific Email address.
19-01-2015 9:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
People receiving the spam are reciving it at the secondary billing e-mail address.
My mail notifications go to my @f9.co.uk address and a gmail.com address. It is the gmail.com address that the spammer(s) have.
Well, would have if I was being affected by this, but that's what the others have been getting.
Some of them have set up specific addresses such as plusnet-billing@example.org which the spammers are using, and those addresses are only used for the plusnet billing e-mails.
Hope that clears things up.
A.
Re: Spam to plusnet-specific Email address.
19-01-2015 10:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
However I have started receiving spam at username@username.force9.co.uk. This is my primary billing address, not the secondary one I can change in my online account/billing settings. It is also an address that is never used other than by PN to send me monthly billing mails and any ticket updates.
It's possible I may be receiving spam at my secondary one, but since that's my work address, and I'm at a prominent UK university our email servers drop 99% of all spam that we receive anyway, so I wouldn't know.
You know what a turtle is? Same thing.
Re: Spam to plusnet-specific Email address.
20-01-2015 8:54 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: lorisarvendu Sorry, I misinterpreted that. I see now that my method could not have resulted in spam sent to a non-PN address.
However I have started receiving spam at xxxxxxxxxxxxxxxxxxxx@yyyyyyyyyyyyyyyy This is my primary billing address, not the secondary one I can change in my online account/billing settings. It is also an address that is never used other than by PN to send me monthly billing mails and any ticket updates.
It's possible I may be receiving spam at my secondary one, but since that's my work address, and I'm at a prominent UK university our email servers drop 99% of all spam that we receive anyway, so I wouldn't know.
Woh! - delete your email address from that post quickly, otherwise you'll start getting a whole lot more!!!
And don't EVER post it on a public forum again.
Re: Spam to plusnet-specific Email address.
20-01-2015 9:04 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Although my earlier point still stands, that if someone manages to enumerate all Plusnet's subdomains (and from what I understand that is perfectly possible to do) then they automatically get a list of all Plusnet users primary email addresses anyway.
You know what a turtle is? Same thing.
Re: Spam to plusnet-specific Email address.
20-01-2015 10:34 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Spam to plusnet-specific Email address.
20-01-2015 9:52 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Perhaps if the number of customers they believe are affected is so few, it wouldn't be an issue for them to do that.
Perhaps someone with the figures for the Plus Net email servers can give us some statistics on the subject:
- How billing email addresses are served by PlusNet MX servers (volume and percentage of accounts).
- Percentage of billing email addresses served by PlusNet MX servers, that are receiving the Gamer SEO spam.
- Signup time window that unites these addresses. Or other relevant unifying detail (after all, you've finished a thorough investigation, so you should have this in a report)
Chris, as PlusNet staff, you now need to respond to the questions we've been asking, as they're building up,
James
Re: Spam to plusnet-specific Email address.
21-01-2015 12:21 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I too use a special Email only given to Plusnet and have been recieveing unsolicited Emails since November on that address - I dont call it spam because it isnt random or flooding just Emails from companies I would never deal deal with
I also got the canned answer from their Security team that their investigation found nothing - yet I get Emails to this specific address
The concern is anyone who took the Email address from the billing system could also have taken name/date/credit card details too
I will attach some evidence I can share with the ICO and/or Plusnet in full if they wish
Re: Spam to plusnet-specific Email address.
21-01-2015 1:07 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Spam to plusnet-specific Email address.
24-01-2015 10:17 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It hasn't ruined my life, but for Plus.net to deny this has happened is pretty outrageous. I've updated my plus.net contact email address, so if the leak is ongoing we'll know.
If anyone at plus.net wants any more information from the emails I'm happy to help. Also, any action by the ICO I'm happy to provide evidence as required.
I raised a ticket with plus.net and received a nonsense response about spam filters.
shame.
Re: Spam to plusnet-specific Email address.
25-01-2015 1:12 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Three separate emails to 3 different mailboxes I have in place all spurious, all "from" random letter string @astral.ro @centennialpr.net @beotel.net the subject in each case was different and for example one said "Rarely patients may experience significant bleeding or pain during the biopsy."
If the CSC et al want the headers PM'ed I have them in my delete folder for now...........................for the record I never use the preview pane and only read emails that are AFAIK legitimate so have no idea what the body contents might be
Re: Spam to plusnet-specific Email address.
25-01-2015 12:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Routefinder Three separate emails to 3 different mailboxes I have in place
Doesn't sound like the problem being described here, unlike the previous post from bishz, which was spot on.
Re: Spam to plusnet-specific Email address.
25-01-2015 3:37 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Spam to plusnet-specific Email address.
25-01-2015 10:42 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Spam to plusnet-specific Email address.
30-01-2015 6:03 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Bishz, thank you for joining our numbers; The fact that you first saw the spam in December shows either that spam filtering catches these messages easily, or that we have a more serious problem that only some of the addresses were used in their initial phase of testing out the validity of the email addresses they had purchased.
The potential for these addresses to be sold on to someone, who may well use them for more nefarious purposes, is still ever present,
James
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: Spam to plusnet-specific Email address.