Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


res



13 posts

Geek
+1 received by user: 3


# 249045 22-Apr-2019 13:32
Send private message quote this post

Hi all,

 

 

 

In the last few days I've noted that similar themed junk/scam mail started arriving not just on my base xtra email address but also on all 5 of its alias addresses.

 

I don't believe that it is my account that has been hacked, it has a reasonably strong password, and there are no signs of unexpected activity there.

 

Curiously, one of the aliases is not guessable and has not been used, while another was created soley to log on to a single web site.

 

A web search didn't find any news items about any Xtra breach,but I'm still thinking someone has got a very complete list of Xtra addresses, but not passwords.

 

So have any others seen spam just start arriving on what should be unknown Xtra aliases?

 

 

 

 

 

Cheers,

 

res

 

 

 

 


Create new topic
'That VDSL Cat'
10507 posts

Uber Geek
+1 received by user: 2527

Trusted
Spark
Subscriber

  # 2222170 22-Apr-2019 13:41
Send private message quote this post

No it hasn't..
If your concerned, I'd change your password and check if any forwarders have been added.

It's more likely your accounts have traveled past a database which has leaked emails or another person's email account that has been accessed and scraped for potentional victims. Could very well be just pure coincidence that it's come to all your addresses.




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


27989 posts

Uber Geek
+1 received by user: 7470

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 2222172 22-Apr-2019 13:45
One person supports this post
Send private message quote this post

Out of curiosity have you tried the email addresses on haveibeenpwned?

 

 


 
 
 
 


res



13 posts

Geek
+1 received by user: 3


  # 2222543 23-Apr-2019 09:40
Send private message quote this post

hio77: No it hasn't..
If your concerned, I'd change your password and check if any forwarders have been added.

It's more likely your accounts have traveled past a database which has leaked emails or another person's email account that has been accessed and scraped for potentional victims. Could very well be just pure coincidence that it's come to all your addresses.

 

 

 

There's the issue though.  How does an alias I haven't used get scraped from someone else's address-book?  And I've already checked my account looking for forwarders or any signs of entry and could see nothing.

 

To me there only seem two options - I've been hacked despite complex password, or the email service has been (memories of Yahoo come flooding back!).  I don't see how I can rule out either?

 

 


res



13 posts

Geek
+1 received by user: 3


  # 2222544 23-Apr-2019 09:42
Send private message quote this post

sbiddle:

 

Out of curiosity have you tried the email addresses on haveibeenpwned?

 

 

 

 

I'm  always reluctant to use these services, since they are a risk also, but I did run two of the addresses through it.  One was a hit, the other was not found.


4082 posts

Uber Geek
+1 received by user: 1768

Subscriber

  # 2222584 23-Apr-2019 09:54
One person supports this post
Send private message quote this post

I would of thought all the xtra addresses were totally screwed (in terms of being on every spammer's mail list) from the Yahoo breaches.

 

Why anyone still uses them is beyond me... but that's been discussed on here too many times to count so back to the OP.


'That VDSL Cat'
10507 posts

Uber Geek
+1 received by user: 2527

Trusted
Spark
Subscriber

  # 2222589 23-Apr-2019 10:38
Send private message quote this post

res:

 

There's the issue though.  How does an alias I haven't used get scraped from someone else's address-book?  And I've already checked my account looking for forwarders or any signs of entry and could see nothing.

 

 

So your account sounds good, Great news.

 

Unfortunately it's always possible that someone has their password set to "password" and they happen to be someone you have emailed with.

 

I'm not saying this IS how you would have gotten on a list, but it's a perfectly valid Vector, it might even be that they arent an xtramail customer at all.

 

As others have mentioned i'd give the email a check on haveibeenpwned. That will tell you if you were on any known leaks.

 

 

 

I'm in disbelief that you would have an alias setup that has been spammed without being a known address out there...

 

I've gone and logged into my xtramail test account which has one alias. I've used this on exactly 4 different addreses overtime, My work email, one customer's email to validate an issue (which was then fixed) and my other two personal accounts.

 

 

 

Going back a full year, this account has had 1 email ever. that was when i reset the password.

 

I've also validated on the back-end that it's not just spam was being caught before the inbox, it literally has nothing.

 

 

 

Based on that, I'd say i can quantify my disbelief with validation that there has been no leaked addresses.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


 
 
 
 


171 posts

Master Geek
+1 received by user: 26


  # 2222590 23-Apr-2019 10:38
One person supports this post
Send private message quote this post

I have had my xtra email address seemingly forever and I would like to keep it, even tho Yahoo made a mess of things.  It's a nostalgia thing, I first used it over a dial-up modem.

 

Recently I made a big mistake signing up for a discount card at a local supermarket, in that I trusted them and gave my xtra address.

 

Almost immediately (in the biggest coincidence I have ever seen) I started receiving emails claiming to be from that same supermarket chain, offering me $$ for surveys, $$ in coupons just because "you have been chosen" and other obviously fake phishing type offers.  Then they started faking every other large retailer in the North Island, with exactly the same scams, from the same sender addresses.

 

I complained to the supermarket company which appeared to have triggered this but they denied everything, they would never give my email address away! My suspicion is somebody saw a quick way to make some cash by selling off email lists, but there is no way to prove such things so the company in question will remain nameless.

 

The spammer is using a set of templates which they insert local retailer names and logos into, they also seem to prefer compromised email relays as they are often sending from NZ companies.  This spam has been nearly constant for many months now and it doesn't look like it will stop.  Sadly the xtra spam filters (if they exist) cannot pick the obvious similarities in these bulk mailouts.

 

 


3181 posts

Uber Geek
+1 received by user: 698

Trusted

  # 2222591 23-Apr-2019 10:40
Send private message quote this post

chevrolux:

 

I would of thought all the xtra addresses were totally screwed (in terms of being on every spammer's mail list) from the Yahoo breaches.

 

Why anyone still uses them is beyond me... but that's been discussed on here too many times to count so back to the OP.

 

 

I don't understand the "hate" you seem to have on Xtra. Their problems were caused by a mainstream provider, which they ditched. My personal experience with Xtra has been pretty damn good. I certainly prefer them to the intrusiveness of the likes of Google and Gmail.





Sony Xperia X running Sailfish OS. https://sailfishos.org The true independent open source mobile OS 
Samsung Galaxy Tab S3
Nokia N1
Dell Inspiron 14z i5


'That VDSL Cat'
10507 posts

Uber Geek
+1 received by user: 2527

Trusted
Spark
Subscriber

  # 2222592 23-Apr-2019 10:41
One person supports this post
Send private message quote this post

LesF:

 

The spammer is using a set of templates which they insert local retailer names and logos into, they also seem to prefer compromised email relays as they are often sending from NZ companies.  This spam has been nearly constant for many months now and it doesn't look like it will stop.  Sadly the xtra spam filters (if they exist) cannot pick the obvious similarities in these bulk mailouts.

 

 

i can confirm they do exist.

 

 

 

the last little while has been very heavy with spam.

 

The thing that everyone isnt aware of is, while some does get through. there is a far greater quantity that is filtered out before it even hits the platform.





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


6 posts

Wannabe Geek


  # 2222732 23-Apr-2019 15:55
Send private message quote this post

 

I'm in disbelief that you would have an alias setup that has been spammed without being a known address out there...

 

 

I've had my stem email address plus two UNUSED aliases also spammed - same as the OP.
Have checked on haveibeenpwned - all 3 are clear.

 

I run a tight ship as far as security goes - something badly wrong here.
Who is the bolt-on NZ email provider?

 

 

 

 


defiant
900 posts

Ultimate Geek
+1 received by user: 491

Lifetime subscriber

  # 2222739 23-Apr-2019 16:13
2 people support this post
Send private message quote this post

How unique are these aliases though, a spammer doesn't just use known email addresses.. they'll use dictionary based names for recipient names as a shotgun approach


'That VDSL Cat'
10507 posts

Uber Geek
+1 received by user: 2527

Trusted
Spark
Subscriber

  # 2222744 23-Apr-2019 16:48
One person supports this post
Send private message quote this post

dfnt:

 

How unique are these aliases though, a spammer doesn't just use known email addresses.. they'll use dictionary based names for recipient names as a shotgun approach

 

 

Exactly this.

 

 

 

I'm yet to see any evidence that confirms the opinions shared.

 

Please, feel free to DM me examples and i'll give the box a shake see if any gems of information fall out..





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.


1862 posts

Uber Geek
+1 received by user: 548


  # 2222793 23-Apr-2019 18:41
Send private message quote this post

LesF:

I have had my xtra email address seemingly forever and I would like to keep it, even tho Yahoo made a mess of things.  It's a nostalgia thing, I first used it over a dial-up modem.


Recently I made a big mistake signing up for a discount card at a local supermarket, in that I trusted them and gave my xtra address.


Almost immediately (in the biggest coincidence I have ever seen) I started receiving emails claiming to be from that same supermarket chain, offering me $$ for surveys, $$ in coupons just because "you have been chosen" and other obviously fake phishing type offers.  Then they started faking every other large retailer in the North Island, with exactly the same scams, from the same sender addresses.


I complained to the supermarket company which appeared to have triggered this but they denied everything, they would never give my email address away! My suspicion is somebody saw a quick way to make some cash by selling off email lists, but there is no way to prove such things so the company in question will remain nameless.


The spammer is using a set of templates which they insert local retailer names and logos into, they also seem to prefer compromised email relays as they are often sending from NZ companies.  This spam has been nearly constant for many months now and it doesn't look like it will stop.  Sadly the xtra spam filters (if they exist) cannot pick the obvious similarities in these bulk mailouts.


 

do you still have a copy of the t&c of that sign up?

6 posts

Wannabe Geek


  # 2223111 24-Apr-2019 10:28
Send private message quote this post

hio77:

 

dfnt:

 

How unique are these aliases though, a spammer doesn't just use known email addresses.. they'll use dictionary based names for recipient names as a shotgun approach

 

 

Exactly this.

 

 

 

I'm yet to see any evidence that confirms the opinions shared.

 

Please, feel free to DM me examples and i'll give the box a shake see if any gems of information fall out..

 

 

Although there are no degrees of 'unique', I can say you would sit until cobwebs engulfed you trying to discover the aliases, even with the best dictionary attack tools.
Now, spam from the same Chinese (?) loan provider (?) has appeared on 4 aliases, 3 with same timestamp and template.


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Huawei's scholarship programme showcases international business to Kiwi undergrads
Posted 22-Jul-2019 17:53


Spark Sport launches across a range of new devices
Posted 22-Jul-2019 13:19


Dunedin selects Telensa to deliver smart street lighting for 15,000 LEDs
Posted 18-Jul-2019 10:21


Sprint announces a connected wallet card with built-in IoT support
Posted 18-Jul-2019 08:36


Educational tool developed at Otago makes international launch
Posted 17-Jul-2019 21:57


Symantec introduces cloud access security solution
Posted 17-Jul-2019 21:48


New Zealand government unveils new digital service to make business easier
Posted 16-Jul-2019 17:35


Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00


Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34


OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28


Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56


Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20


New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09


ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05


New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.