Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


res

res

18 posts

Geek


#249045 22-Apr-2019 13:32
Send private message

Hi all,

 

 

 

In the last few days I've noted that similar themed junk/scam mail started arriving not just on my base xtra email address but also on all 5 of its alias addresses.

 

I don't believe that it is my account that has been hacked, it has a reasonably strong password, and there are no signs of unexpected activity there.

 

Curiously, one of the aliases is not guessable and has not been used, while another was created soley to log on to a single web site.

 

A web search didn't find any news items about any Xtra breach,but I'm still thinking someone has got a very complete list of Xtra addresses, but not passwords.

 

So have any others seen spam just start arriving on what should be unknown Xtra aliases?

 

 

 

 

 

Cheers,

 

res

 

 

 

 


Create new topic
hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #2222170 22-Apr-2019 13:41
Send private message

No it hasn't..
If your concerned, I'd change your password and check if any forwarders have been added.

It's more likely your accounts have traveled past a database which has leaked emails or another person's email account that has been accessed and scraped for potentional victims. Could very well be just pure coincidence that it's come to all your addresses.




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 




sbiddle
30853 posts

Uber Geek

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #2222172 22-Apr-2019 13:45
Send private message

Out of curiosity have you tried the email addresses on haveibeenpwned?

 

 


res

res

18 posts

Geek


  #2222543 23-Apr-2019 09:40
Send private message

hio77: No it hasn't..
If your concerned, I'd change your password and check if any forwarders have been added.

It's more likely your accounts have traveled past a database which has leaked emails or another person's email account that has been accessed and scraped for potentional victims. Could very well be just pure coincidence that it's come to all your addresses.

 

 

 

There's the issue though.  How does an alias I haven't used get scraped from someone else's address-book?  And I've already checked my account looking for forwarders or any signs of entry and could see nothing.

 

To me there only seem two options - I've been hacked despite complex password, or the email service has been (memories of Yahoo come flooding back!).  I don't see how I can rule out either?

 

 




res

res

18 posts

Geek


  #2222544 23-Apr-2019 09:42
Send private message

sbiddle:

 

Out of curiosity have you tried the email addresses on haveibeenpwned?

 

 

 

 

I'm  always reluctant to use these services, since they are a risk also, but I did run two of the addresses through it.  One was a hit, the other was not found.


freitasm
BDFL - Memuneh
79265 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2222547 23-Apr-2019 09:46
Send private message

That service is certainly not a risk. 





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


chevrolux
4962 posts

Uber Geek
Inactive user


  #2222584 23-Apr-2019 09:54
Send private message

I would of thought all the xtra addresses were totally screwed (in terms of being on every spammer's mail list) from the Yahoo breaches.

 

Why anyone still uses them is beyond me... but that's been discussed on here too many times to count so back to the OP.


hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #2222589 23-Apr-2019 10:38
Send private message

res:

 

There's the issue though.  How does an alias I haven't used get scraped from someone else's address-book?  And I've already checked my account looking for forwarders or any signs of entry and could see nothing.

 

 

So your account sounds good, Great news.

 

Unfortunately it's always possible that someone has their password set to "password" and they happen to be someone you have emailed with.

 

I'm not saying this IS how you would have gotten on a list, but it's a perfectly valid Vector, it might even be that they arent an xtramail customer at all.

 

As others have mentioned i'd give the email a check on haveibeenpwned. That will tell you if you were on any known leaks.

 

 

 

I'm in disbelief that you would have an alias setup that has been spammed without being a known address out there...

 

I've gone and logged into my xtramail test account which has one alias. I've used this on exactly 4 different addreses overtime, My work email, one customer's email to validate an issue (which was then fixed) and my other two personal accounts.

 

 

 

Going back a full year, this account has had 1 email ever. that was when i reset the password.

 

I've also validated on the back-end that it's not just spam was being caught before the inbox, it literally has nothing.

 

 

 

Based on that, I'd say i can quantify my disbelief with validation that there has been no leaked addresses.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


 
 
 

Shop now on AliExpress (affiliate link).
LesF
176 posts

Master Geek


  #2222590 23-Apr-2019 10:38
Send private message

I have had my xtra email address seemingly forever and I would like to keep it, even tho Yahoo made a mess of things.  It's a nostalgia thing, I first used it over a dial-up modem.

 

Recently I made a big mistake signing up for a discount card at a local supermarket, in that I trusted them and gave my xtra address.

 

Almost immediately (in the biggest coincidence I have ever seen) I started receiving emails claiming to be from that same supermarket chain, offering me $$ for surveys, $$ in coupons just because "you have been chosen" and other obviously fake phishing type offers.  Then they started faking every other large retailer in the North Island, with exactly the same scams, from the same sender addresses.

 

I complained to the supermarket company which appeared to have triggered this but they denied everything, they would never give my email address away! My suspicion is somebody saw a quick way to make some cash by selling off email lists, but there is no way to prove such things so the company in question will remain nameless.

 

The spammer is using a set of templates which they insert local retailer names and logos into, they also seem to prefer compromised email relays as they are often sending from NZ companies.  This spam has been nearly constant for many months now and it doesn't look like it will stop.  Sadly the xtra spam filters (if they exist) cannot pick the obvious similarities in these bulk mailouts.

 

 


Technofreak
6530 posts

Uber Geek

Trusted

  #2222591 23-Apr-2019 10:40
Send private message

chevrolux:

 

I would of thought all the xtra addresses were totally screwed (in terms of being on every spammer's mail list) from the Yahoo breaches.

 

Why anyone still uses them is beyond me... but that's been discussed on here too many times to count so back to the OP.

 

 

I don't understand the "hate" you seem to have on Xtra. Their problems were caused by a mainstream provider, which they ditched. My personal experience with Xtra has been pretty damn good. I certainly prefer them to the intrusiveness of the likes of Google and Gmail.





Sony Xperia XA2 running Sailfish OS. https://sailfishos.org The true independent open source mobile OS 
Samsung Galaxy Tab S6
Dell Inspiron 14z i5


hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #2222592 23-Apr-2019 10:41
Send private message

LesF:

 

The spammer is using a set of templates which they insert local retailer names and logos into, they also seem to prefer compromised email relays as they are often sending from NZ companies.  This spam has been nearly constant for many months now and it doesn't look like it will stop.  Sadly the xtra spam filters (if they exist) cannot pick the obvious similarities in these bulk mailouts.

 

 

i can confirm they do exist.

 

 

 

the last little while has been very heavy with spam.

 

The thing that everyone isnt aware of is, while some does get through. there is a far greater quantity that is filtered out before it even hits the platform.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


technico
19 posts

Geek


  #2222732 23-Apr-2019 15:55
Send private message

 

I'm in disbelief that you would have an alias setup that has been spammed without being a known address out there...

 

 

I've had my stem email address plus two UNUSED aliases also spammed - same as the OP.
Have checked on haveibeenpwned - all 3 are clear.

 

I run a tight ship as far as security goes - something badly wrong here.
Who is the bolt-on NZ email provider?

 

 

 

 


dfnt
1512 posts

Uber Geek

Lifetime subscriber

  #2222739 23-Apr-2019 16:13
Send private message

How unique are these aliases though, a spammer doesn't just use known email addresses.. they'll use dictionary based names for recipient names as a shotgun approach


hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #2222744 23-Apr-2019 16:48
Send private message

dfnt:

 

How unique are these aliases though, a spammer doesn't just use known email addresses.. they'll use dictionary based names for recipient names as a shotgun approach

 

 

Exactly this.

 

 

 

I'm yet to see any evidence that confirms the opinions shared.

 

Please, feel free to DM me examples and i'll give the box a shake see if any gems of information fall out..





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


MadEngineer
4274 posts

Uber Geek

Trusted

  #2222793 23-Apr-2019 18:41
Send private message

LesF:

I have had my xtra email address seemingly forever and I would like to keep it, even tho Yahoo made a mess of things.  It's a nostalgia thing, I first used it over a dial-up modem.


Recently I made a big mistake signing up for a discount card at a local supermarket, in that I trusted them and gave my xtra address.


Almost immediately (in the biggest coincidence I have ever seen) I started receiving emails claiming to be from that same supermarket chain, offering me $$ for surveys, $$ in coupons just because "you have been chosen" and other obviously fake phishing type offers.  Then they started faking every other large retailer in the North Island, with exactly the same scams, from the same sender addresses.


I complained to the supermarket company which appeared to have triggered this but they denied everything, they would never give my email address away! My suspicion is somebody saw a quick way to make some cash by selling off email lists, but there is no way to prove such things so the company in question will remain nameless.


The spammer is using a set of templates which they insert local retailer names and logos into, they also seem to prefer compromised email relays as they are often sending from NZ companies.  This spam has been nearly constant for many months now and it doesn't look like it will stop.  Sadly the xtra spam filters (if they exist) cannot pick the obvious similarities in these bulk mailouts.


 

do you still have a copy of the t&c of that sign up?




You're not on Atlantis anymore, Duncan Idaho.

technico
19 posts

Geek


  #2223111 24-Apr-2019 10:28
Send private message

hio77:

 

dfnt:

 

How unique are these aliases though, a spammer doesn't just use known email addresses.. they'll use dictionary based names for recipient names as a shotgun approach

 

 

Exactly this.

 

 

 

I'm yet to see any evidence that confirms the opinions shared.

 

Please, feel free to DM me examples and i'll give the box a shake see if any gems of information fall out..

 

 

Although there are no degrees of 'unique', I can say you would sit until cobwebs engulfed you trying to discover the aliases, even with the best dictionary attack tools.
Now, spam from the same Chinese (?) loan provider (?) has appeared on 4 aliases, 3 with same timestamp and template.


Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.