vendor email question (w/ followup)
03-02-06, 12:32 PM
#1
Driver School Candidate
Thread Starter
Join Date: Oct 2005
Location: Maryland
Posts: 13
Likes: 0
Received 0 Likes
on
0 Posts
vendor email question (w/ followup)
I bought some touchup paint from them awhile back and used my standard way of ordering with a vendor. Namely that I use a unique address tied to one of my domains. This way I can be sure I can find a username AND remember it. Addresses are not reused in anyway among internet sites.
Well, the one I used for lexus-parts.com is now getting quite a bit of phishing/spam traffic NOT from Lexus-parts.com (Sewell Lexus). Either lexus-parts.com inadvertently released the list or they intentionally released their email list. I don't know which one it was but either way leaves a bad taste in my mouth. While it could be possible that someone guessed it, the chance is very small due to the unique nature of the name I used.
This is just a warning to all of you who may think of purchasing from them. I can provide headers upon request. My business will be taken elsewhere.
SP
Well, the one I used for lexus-parts.com is now getting quite a bit of phishing/spam traffic NOT from Lexus-parts.com (Sewell Lexus). Either lexus-parts.com inadvertently released the list or they intentionally released their email list. I don't know which one it was but either way leaves a bad taste in my mouth. While it could be possible that someone guessed it, the chance is very small due to the unique nature of the name I used.
This is just a warning to all of you who may think of purchasing from them. I can provide headers upon request. My business will be taken elsewhere.
SP
03-02-06, 01:40 PM
#2
Driver School Candidate
Thread Starter
Join Date: Oct 2005
Location: Maryland
Posts: 13
Likes: 0
Received 0 Likes
on
0 Posts
Quick followup
I just got a polite phone call from Sewell Lexus and they are investigating what could have happened to cause the spam to happen.
This is the first time I have ever received a call from a company concerned this has happened and impressed me. That scores them big points in my book.
I may reconsider doing business with them after this depending on how the email got released.
I sincerely hope that a third party (or internal party) did not take the information.
My apologies to Sewell if this seems harsh but this did shock me as it happened.
SP
This is the first time I have ever received a call from a company concerned this has happened and impressed me. That scores them big points in my book.
I may reconsider doing business with them after this depending on how the email got released.I sincerely hope that a third party (or internal party) did not take the information.
My apologies to Sewell if this seems harsh but this did shock me as it happened.
SP
03-05-06, 05:09 PM
#6
Driver School Candidate
Thread Starter
Join Date: Oct 2005
Location: Maryland
Posts: 13
Likes: 0
Received 0 Likes
on
0 Posts
Well, here are the headers (minus the email address).
Standard eBay phishing scam. Lather rinse repeat x12 so far.
SP
Standard eBay phishing scam. Lather rinse repeat x12 so far.
PHP Code:
Return-path: <security@ebay.com>
Envelope-to: xxxxxxx@pryde.org
Delivery-date: Thu, 02 Mar 2006 14:40:00 -0500
Received: from [62.142.64.228] (port=1352 helo=mail.itecon.fi)
by xxxxxxxxxxxxxxxxxxx with esmtp (Exim 4.52)
id 1FEteM-0004MF-TP
for xxxxx@pryde.org; Thu, 02 Mar 2006 14:39:48 -0500
Received: from safeit.fi (unknown [62.142.65.143])
by mail.itecon.fi (Postfix) with ESMTP id C87986916;
Thu, 2 Mar 2006 21:37:42 +0200 (EET)
x-fsavag4mse-ts: bcc9bf9d8fb41b82
Received: from User ([81.181.170.130]) by safeit.fi with Microsoft SMTPSVC(6.0.3790.211); Thu, 2 Mar 2006 21:47:58 +0200
Reply-To: <aw-confirm@ebay.com>
From: "eBay Center" <security@ebay.com>
Keywords: disclaimer
Subject: [High Spam] Update Your eBay Account
Date: Thu, 2 Mar 2006 21:37:45 +0200
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
X-Priority: 1
X-MSMail-Priority: High
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.326
Message-ID: <KARHUJR1NBG0IBtIXT70000040d@safeit.fi>
X-OriginalArrivalTime: 02 Mar 2006 19:47:58.0765 (UTC) FILETIME=[3526A5D0:01C63E32]
To: undisclosed-recipients:;
Content-Transfer-Encoding: quoted-printable
X-AetheriHosting-MailScanner-Information: Please contact the ISP for more information
X-AetheriHosting-MailScanner: Found to be clean
X-AetheriHosting-MailScanner-SpamCheck: spam, SpamAssassin (score=111.938,
required 5, BAYES_00 -2.60, FORGED_MUA_OUTLOOK 4.06,
FORGED_OUTLOOK_HTML 2.71, FORGED_OUTLOOK_TAGS 2.49,
HTML_MESSAGE 0.00, MIME_HTML_ONLY 0.00, SARE_FORGED_EBAY 104.00,
UNDISC_RECIPS 0.84, X_PRIORITY_HIGH 0.43)
X-AetheriHosting-MailScanner-SpamScore: ssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss
X-MailScanner-From: security@ebay.com
03-09-06, 09:22 PM
#7
if the email addy is something that automated programs might try automatically, it's possible you just opened up a box that inadvertantly played into the spam mail's hand.
That'd be my guess.
That'd be my guess.
