User comments on ISPs
  >> PlusNet plc


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | [2] | 3 | 4 | 5 | (show all)   Print Thread
Standard User steve195527
(learned) Sun 16-Dec-18 12:04:16
Print Post

Re: Suspected personal information leak


[re: greenglide] [link to this post]
 
one thing to remember about these leaks is that if somebody wanted to find out things about you re your address/phone number etc they can and have been able to use the electoral roll to do exactly that allied to an old fashioned phone book for donkeys years,all the electronic data bases have done is make things easier for crooks to gather info on people
Standard User RobertoS
(elder) Sun 16-Dec-18 12:25:54
Print Post

Re: Suspected personal information leak


[re: jchamier] [link to this post]
 
I run a catch all mailbox on all my domains, including this one. Spammers, phishes and the like have no need to determine what comes before the @.

It is therefore extremely unlikely that the unique prefix for Plusnet would result in an email to me using it unless the Plusnet database provided it.

I still suspect it will be from the redundant billing system.

There is no email address on the website for the accounts department else I would have sent one earlier. A phone call on Monday is probably best. Or do an online search for the CEO’s email address, which would probably be the most productive and least hassle option.

Which all puts me back to the original question. Are people getting this particular email, or any other in fact, to a unique Plusnet address. People who have a multiple-use email address won’t know of course.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests 35-45Mpbs down, 9-15 up.
==================================================
If you never think of anything off the wall, you'll never think of anything original.
Standard User steve195527
(learned) Sun 16-Dec-18 13:03:55
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
In reply to a post by RobertoS:
I run a catch all mailbox on all my domains, including this one. Spammers, phishes and the like have no need to determine what comes before the @.

It is therefore extremely unlikely that the unique prefix for Plusnet would result in an email to me using it unless the Plusnet database provided it.

I still suspect it will be from the redundant billing system.

There is no email address on the website for the accounts department else I would have sent one earlier. A phone call on Monday is probably best. Or do an online search for the CEO’s email address, which would probably be the most productive and least hassle option.

Which all puts me back to the original question. Are people getting this particular email, or any other in fact, to a unique Plusnet address. People who have a multiple-use email address won’t know of course.

Once an email address has been compromised/harvested(whatever term is used it means basically the same thing)other than changing to a new strong password what can be done,can an email addy be totally disabled by the holder of the domain it is linked to or is like most things put on the web "there for all time"?


Register (or login) on our website and you will not see this ad.

Standard User mrkevlh
(newbie) Sun 16-Dec-18 13:24:06
Print Post

Re: Suspected personal information leak


[re: steve195527] [link to this post]
 
The advantage of having your own domain is that when an email is compromised like this you can just move to another alias (and delete the old one). I've been doing this for years and I've lost count of the number of times I've had to change my paypal address (3rd party sellers yo). Because of this i get zero spam.

Edited by mrkevlh (Sun 16-Dec-18 13:25:52)

Standard User steve195527
(learned) Sun 16-Dec-18 13:38:22
Print Post

Re: Suspected personal information leak


[re: mrkevlh] [link to this post]
 
In reply to a post by mrkevlh:
The advantage of having your own domain is that when an email is compromised like this you can just move to another alias (and delete the old one). I've been doing this for years and I've lost count of the number of times I've had to change my paypal address (3rd party sellers yo). Because of this i get zero spam.

how easy is it to get a 3rd party to do this ? and how can you be 100% sure they have even if they say they have?I suppose trying to send to and from that address could give an " almost sure" they have done but still not 100%
I suppose the good thing about there being a limitless number of unique email addresses out there is the ability to find a new one that hasn't been hacked in some way
Identity theft isn't a new phenomenon but is becoming more widespread and easier to do,or as it always been relatively easy but not talked about as much?

Edited by steve195527 (Sun 16-Dec-18 13:42:09)

Standard User jchamier
(eat-sleep-adslguide) Sun 16-Dec-18 13:51:25
Print Post

Re: Suspected personal information leak


[re: steve195527] [link to this post]
 
In reply to a post by steve195527:
how easy is it to get a 3rd party to do this ?

Easy with Office 365/Exchange Online. You configure the domain's MX records to point to Microsoft, and then on Microsoft's control panel you buy mailboxes per human being.

Then you assign addresses to the mailboxes, e.g. bill@domain.dom and sales@domain.dom and accounts@domain.dom goes to mailbox1. Anything not listed is rejected at the SMTP level, so no email flows.

If you accept everything *@domain.dom then you have to filter once you receive. This is wasteful as spam emails are getting larger and larger (in some cases tens of megabytes).

Many anti-spam researchers say there is no point in this, it just adds complexity for you. I can't find the research right now.

plusnet 80/20 (2/jun/14) at 470m - sync 19/Sep/18: 61,689 / 8,831 - G.INP & 3.0 dB SNRm
19 years of broadband, from 1999's ntl:cable modem trial - Live BQM
Standard User RobertoS
(elder) Sun 16-Dec-18 14:22:12
Print Post

Re: Suspected personal information leak


[re: jchamier] [link to this post]
 
Blacklisting at the server end is fine, but useless unless you also only allow specific email addresses that you have set up. I.e. have a White List.

That is far too much bother when you are handing out unique addresses to every supplier you deal with. To take it to its logical conclusion you also need to give a unique one to all your contacts.

Back to the Plusnet one though, the domain name is not a dictionary word. Which means to alight on me it needs to be effectively randomly generated as somebody posted. As well as the prefix to the @. Then, such a generator sending out spam to every address generated would surely be trapped somewhere on the net as being illegitimate? (Maybe not, but routers everywhere would be flooded).

Finally, in the UK the hacker would almost certainly initially append .co.uk. I do have that domain as well as the one this email came to. I would expect to have received this on the .co.uk version, not where I did.

Far too many coincidences. It has to have been leaked or the database hacked.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests 35-45Mpbs down, 9-15 up.
==================================================
If you never think of anything off the wall, you'll never think of anything original.
Standard User jchamier
(eat-sleep-adslguide) Sun 16-Dec-18 14:58:10
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
This is why those that run the mega-large mail systems suggest not worrying about giving different organisations specific email addresses. You will find large companies (e.g. BP, Intel etc) don't have catch all.

Its not white listing or black listing, its saying "my address is viz, seb@thinkbroadband" and not accepting anything else to that domain. Then handling spam to that address as a separate topic.

You are hypothesising that your address has been obtained by a leak. I am countering that no leak needs to have happened. (Not that it hasn't, just that use of your email doesn't prove cause).

Spammers can query DNS, and can look at WHOIS services - they can also generate addresses. They just flood the network until some deliver. They don't care about deliver-ability statistics, hence the problem of 'back scatter'.

plusnet 80/20 (2/jun/14) at 470m - sync 19/Sep/18: 61,689 / 8,831 - G.INP & 3.0 dB SNRm
19 years of broadband, from 1999's ntl:cable modem trial - Live BQM
Standard User RobertoS
(elder) Sun 16-Dec-18 17:24:29
Print Post

Re: Suspected personal information leak


[re: jchamier] [link to this post]
 
Too many coincidences, as I explained.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests 35-45Mpbs down, 9-15 up.
==================================================
If you never think of anything off the wall, you'll never think of anything original.
Standard User jchamier
(eat-sleep-adslguide) Sun 16-Dec-18 17:40:32
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
In reply to a post by RobertoS:
Too many coincidences, as I explained.

Then contact them, and maybe BT Security, and the ICO.
Probably worth letting your bank and credit card companies knowing you think your data has been leaked.

plusnet 80/20 (2/jun/14) at 470m - sync 19/Sep/18: 61,689 / 8,831 - G.INP & 3.0 dB SNRm
19 years of broadband, from 1999's ntl:cable modem trial - Live BQM
Pages in this thread: 1 | [2] | 3 | 4 | 5 | (show all)   Print Thread

Jump to