How did spammers get my DevMaster.net e-mail address?

1774451b89ebcd84d0baa4efc00e72db
0
mjjw 101 Feb 12, 2009 at 11:48

When I signed up for DevMaster, as I do with all sites I used an e-mail address unique to this site (I have unlimited email addresses so I use a different one for each site I ever sign up for).

About 10 minutes ago I received spam to that e-mail address. The only thing this e-mail address has ever been used for is to sign up this this site (and was created specifically for that purpose).

Can anyone from this site explain how the spammer got my e-mail address?

The spam had a from line of : Annerose Weiß and a reply address of kingvljoensnyders@gmail.com

Has any other site member had the same spam?

21 Replies

Please log in or register to post a reply.

3c5be51fdeec526e1f232d6b68cc0954
0
Sol_HSA 119 Feb 12, 2009 at 12:21

Yup, got one. Seems like a standard “there’s billion dollars of yours here, you can get it if you give us money first”-scam.

99f6aeec9715bb034bba93ba2a7eb360
0
Nick 102 Feb 12, 2009 at 12:55

@mjjw

Can anyone from this site explain how the spammer got my e-mail address?

Some spambots simply keep guessing e-mail addresses. There are even commercial e-mail ‘broadcasting’ applications to ‘expand your markets’.

Unless your e-mail address consists of completely random characters, it’s not that hard to find for a spambot that uses some succesful patterns… :sad:

A8433b04cb41dd57113740b779f61acb
0
Reedbeta 167 Feb 12, 2009 at 17:09

Hmm, I got the same message…

EDIT: I’m following up with Dia to see if there might have been some intrusion.

7daed93f96b8b5160b47af2f68a4bc86
0
zebeste 101 Feb 12, 2009 at 17:17

Got one also (actually two, one about a week ago). I was wondering how they got my email address.

4cb2d2b30b08fb6b34e2175324a5d2e9
0
Grumpy 101 Feb 12, 2009 at 18:52

Nope… didn’t get any … Just the same ol’ Viagra adds in my spam box.

Grumpy

A0c9c0649c5deacc0ae3b7f7721c94d2
0
starstutter 101 Feb 12, 2009 at 19:43

Man this is strange, I got the exact same type of message this morning.

860fe478a2545d6c07b88c759292499e
0
SmokingRope 101 Feb 12, 2009 at 20:05

I got one too. Perhaps we will all be billionaires soon. :lol:

Fdbdc4176840d77fe6a8deca457595ab
0
dk 158 Feb 12, 2009 at 21:31

Hmm…I received the same spam message to my email too, but I also received one to my non-devmaster emails. I wonder how we can find out if some hacking attempt occurred, or whether this is one of those random mass-email spams…

In any case, we’ll investigate and analyze the log files to find out if anything suspicious is going on. Thanks for bringing this to our attention.

6f0a333c785da81d479a0f58c2ccb203
0
monjardin 102 Feb 12, 2009 at 22:31

I got the message from “Annerose Weiß” today too. I thought it was odd because stuff like that hardly ever gets through my spam filter.

1774451b89ebcd84d0baa4efc00e72db
0
mjjw 101 Feb 12, 2009 at 23:06

@Reedbeta

Hmm, I got the same message… EDIT: I’m following up with Dia to see if there might have been some intrusion.

Thankyou! Please keep me posted.

64212d89ffc7e91ed54b96ebbe99bd05
0
hovermonkey 101 Feb 14, 2009 at 13:26

I too got the Annerose spam along with some other 419 scams. They are using my previously registered email address (devmaster@… so it’s obviously this site they got it from) instead of my new one. I was using that address between Sept. 2006 and Sept. 2008, if that helps.

7f8822d3b7d408c17ae479369762eaf0
0
dannthr 101 Feb 16, 2009 at 00:17

When I was young, I used to have decoy hotmail addresses that I would use for crap stuff if I ever needed an address and I didn’t want to give people my regular address.

One of the hotmail addresses I had never used, for some reason I checked it and was warned that if I didn’t use it, hotmail would delete it, so I sent a decoy email from my personal aol address.

After that, the hotmail account started receiving steady spam. Enough to keep it open and “in-use.”

How, I don’t know.

6aa952514ff4e5439df1e9e6d337b864
0
roel 101 Feb 16, 2009 at 10:29

@monjardin

I got the message from “Annerose Weiß” today too. I thought it was odd because stuff like that hardly ever gets through my spam filter.

I second that. This was actually the first one that slipped through my ISP’s spam filter.

Maybe it is all a coincidence, but there really appears to be a relation with devmaster.

B91eae75cd6245bd8074bd0c3f1cc495
0
Nils_Pipenbrinck 101 Feb 16, 2009 at 10:31

Just for the statistics: I got the email as well.

1f0b400b7bc10741f51b16b9b5a20545
0
LeGreg 101 Feb 28, 2009 at 23:23

@Nick

Some spambots simply keep guessing e-mail addresses. There are even commercial e-mail ‘broadcasting’ applications to ‘expand your markets’. Unless your e-mail address consists of completely random characters, it’s not that hard to find for a spambot that uses some succesful patterns… :sad:

huh no they can’t guess that easily. If an address is only used in one place (say devmaster forum) and not of common aliases (webmaster@, info@, sales@ etc) I don’t see how they could guess that one. Else how come they don’t guess other aliases that are used on other websites.

I think the devmaster site has been compromised. It’s not uncommon with those packaged forums (phpbb, vbulletin etc).

I’ve got one too from “Sport2plus”.

Fdbdc4176840d77fe6a8deca457595ab
0
dk 158 Mar 03, 2009 at 10:02

From the investigation performed, it looks like the database has been compromised through a specific site script (not related to the forums - the security level of the forum software we use is known to be pretty high. In any case, I’ve applied the latest security patches to the forums).

Security is taken very seriously; we have had many measures on the server to prevent things like SQL injections and so on. But unfortunately, it looks like a loophole was found. It has been patched now.

In the next month or so, we’ll update the forums software to ensure we have the latest security features (as well as the latest cool forum features).

Our sincere apologies to everyone for this mishap. Rest assured however that the only sensitive information we have in the database are the emails. The passwords are stored in encrypted form, so they are perfectly safe.

Hopefully, this will not happen again.

7f8822d3b7d408c17ae479369762eaf0
0
dannthr 101 Mar 04, 2009 at 14:51

Well, thanks for keeping us posted and informed.

340bf64ac6abda6e40f7e860279823cb
0
_oisyn 101 Mar 04, 2009 at 15:42

For exactly this reason I use separate e-mail adresses and passwords for each site I need to have an account for. Not that I don’t trust the sites, but simply to be protected in the event security is compromised.

Unfortunately, I registered to devmaster before I started to apply this policy :/

6f0a333c785da81d479a0f58c2ccb203
0
monjardin 102 Mar 04, 2009 at 16:09

@.oisyn

Unfortunately, I registered to devmaster before I started to apply this policy :/

Me too. :(

Ca6d9debcb084bb00845862128c41c99
0
ernow 101 Mar 13, 2009 at 14:35

Tip: change your email address in your profile and block the previous one if you used the policy of using a specific email address for this forum.

I am getting the $5.1 million offers now daily on the devmaster account.

6f0a333c785da81d479a0f58c2ccb203
0
monjardin 102 Mar 13, 2009 at 21:17

…or hit the SPAM button in GMail.