Spam Emails - At what point do I change

sparky · Feb 26, 2019, 09:37:04

With some of the recent hacks that seem to have taken place, what was it? 700 million email addresses from somewhere, I now seem to be getting more and more spam emails into my Junk folder.

Does anyone think that there is a point at which you should be worried enough to change your email address? I have had my idnet.com email for years, but there seems no let up on spam these days. I'm getting about 30 plus in a 24hr period. I know that it goes in phases and they might eventually dry up to a certain degree.

I have checked it on the "Have I been Pwned" web site and it has been compromised about five times. I've recently changed all of my important web site passwords to make sure that there are no problems there, but am now wondering if I should finally change my email address with all the pain that goes with it, although no doubt, eventually that would get found out as well.

Any opinions appreciated.

Simon · Feb 26, 2019, 12:08:44

I've got several IDNet email addresses, and two of them get spammed to death, while the others are still relatively clear. You're right, in that it does seem come in phases. I would certainly be well stocked with blue pills at the moment if I took advantage of all of the offers that are coming through to one of my email accounts!

Personally, I see them more as a nuisance than a threat, and as long as you have secure passwords, and you don't respond to (or even open) any of the spam emails, then I don't really see them as that much of a security issue.

andrue · Feb 27, 2019, 20:40:52

I run my own email server. I also use a DEA system so that each contact gets their own address to use. If an address goes bad I blacklist it. It's interesting and amusing to look at my server and see what addresses are being rejected. One of the most prolific was blacklisted back in 2004 but there are multiple daily attempts to use it for spam. So 15 years of my server saying 'I don't accept email to that mailbox' and still the spam comes.

That address shows up on haveibeenpwned but only one instance - a spam bot.

Thankfully my server rejects it before it gets anywhere near my mail box.

Simon · Feb 27, 2019, 22:29:10

Quote from: andrue on Feb 27, 2019, 20:40:52
I run my own email server. I also use a DEA system so that each contact gets their own address to use. If an address goes bad I blacklist it. It's interesting and amusing to look at my server and see what addresses are being rejected. One of the most prolific was blacklisted back in 2004 but there are multiple daily attempts to use it for spam. So 15 years of my server saying 'I don't accept email to that mailbox' and still the spam comes.

That address shows up on haveibeenpwned but only one instance - a spam bot.

Thankfully my server rejects it before it gets anywhere near my mail box.

I'm not sure I trust 'haveibeenpwned'. I've just tried it with my main two email addresses and it says they've been compromised (a breach of the Malwarebytes forums was one!), but I put in the email address that is currently receiving about 100 spam emails per week, and it says "Good news — no pwnage found!"

zappaDPJ · Feb 28, 2019, 03:42:18

Quote from: Simon on Feb 27, 2019, 22:29:10
I'm not sure I trust 'haveibeenpwned'. I've just tried it with my main two email addresses and it says they've been compromised (a breach of the Malwarebytes forums was one!), but I put in the email address that is currently receiving about 100 spam emails per week, and it says "Good news — no pwnage found!"

Unlike similar sites such as leakedsource.ru (use at your own risk), haveibeenpwned.com owned by Troy Hunt is 100% legitimate and safe but reliant on people reporting compromised sites. Other sites, including the previously mentioned site gets its information from trading in stolen data. The list might be more comprehensive but I'd hesitate to submit anything into its engine.

I've been on the receiving end of some really nasty spam recently, threatening to send a split-screen video of my hacked webcam along with a porn video to all my contacts unless I pay bitcoins into the scammer's account. What did concern me was at least one of the emails contained a lot of personal information no doubt harvested from a compromised website.

I'm starting to wonder just how far some of these scammers will go and I now ensure that I delete just about all the email I receive from the server, most of which goes unread anyway.

sparky · Feb 28, 2019, 10:47:41

QuoteWhat did concern me was at least one of the emails contained a lot of personal information no doubt harvested from a compromised website.

I don't read them anymore, I've had those, plus blue pills plus "would you like to see my picture" etc, I just delete them from my junk folder, but I agree with this concern. Make you wonder how much someone relly needs to change the login details for one of your financial websites and steal your identity.

Think I might set up another email address for some more important stuff and leave the other one for more day to day activity.

Den · Mar 07, 2019, 18:02:05

I changed my password to "incorrect". So whenever I forget what it is the computer will say "Your password is incorrect".

Simon · Mar 07, 2019, 19:20:50

nowster · Mar 07, 2019, 21:31:55

A former colleague set his password to "no it isn't" and invited me to guess it.

Broadback · Mar 11, 2019, 10:05:18

Did You?

nowster · Mar 11, 2019, 11:58:25

Quote from: Broadback on Mar 11, 2019, 10:05:18
Did You?

No, over many attempts.