On Feb 16, 2013 3:30 PM, "Robin Wood" <[email protected]> wrote: > > > On Feb 16, 2013 2:56 PM, "James Costello" <[email protected]> wrote: > > > > I had this happen on one of my gmail accounts. Is the address exactly yours or does it have the google qualifiers (.+). When someone who was using [email protected] thought they could switch a bunch of their site accounts to the same address at gmail > > I received all of their emails for those > > I did consider that but the name is only 5 characters and there are no symbols in it. > > I've been getting these on and off for about a year but till the last few months it was only one every few months so unlikely a new account. > > Robin > > > On Saturday, February 16, 2013, allison nixon wrote: > >> > >> This is an interesting new scam. Thanks for bringing this up. Your theory sounds plausible, if that theme is common to all your emails. You're sure the sender is the true sender? > >> > >> If you care, it might be worth reporting to the service. They can ban the guy and take away incentive to do this to you. > >> > >> On Sat, Feb 16, 2013 at 5:02 AM, Robin Wood <[email protected]> wrote: > >>> > >>> I've got an old Gmail account that I've set up just to forward to my current account. I've not used it anywhere for years. > >>> > >>> In the last couple of months it has been used to sign up for a number of accounts on RPG sites. I know this because I've been getting emails telling me the address needs confirming before the account is fully opened. I assumed this was being done because the sites offer free gold to new sign ups and so the attacker was hoping I'd complete the process so they could then grab the gold. > >>> > >>> I can understand the logic there so I just ignore it but in the last couple of days I've also had mails from Lego and the NBA. Could these be trying to score referrer points? Lego just seems a bit of an odd target. > >>> > >>> They've also set up a match.com account which is active as that didn't appear to require address confirmation. > >>> > >>> Am I right in thinking gold stealing and referrer points? Could it be anything else? > >>> > >>> The account itself doesn't appear to be compromised. I've reset the password and checked for forwarders and things like that. > >>> > >>> Robin > >>> > >>>
Quick update, over 2 hours overnight I was signed up for 6 tumble accounts.Randomly spaced intervals, links in the emails were going to legit Tumblr URLs. I can't see any referral program for Tumblr sign ups so guess as they would have known the passwords for the sites they were trying to create blogs for some nefarious purpose. Robin
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
