INTERACT FORUM


Author Topic: Fake PayPal Spam Problem  (Read 43301 times)

crowfan

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 302
  • For every sprinkle I find, I shall kill you.
Re:Do JRiver Sell E-Mail Addresses?
« Reply #50 on: January 09, 2004, 09:00:55 am »

Sorry, I deleted the email (can't paste the header).

Oh, BTW, my email is also set to "hide from public" here on interact.

I did sign into the message board for a minute the other day. But I used the generic login that is filled in by default, something like "Visitor247" or whatever. I did not have to provide an email address. I just clicked the link that was provided in a post here on Interact, then clicked the Sign In button at the chat forum.

Hope it helps,

crow
Logged
"It's going to be a trilogy."   Robert Jordan, circa 1989

c1c9k72

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 332
  • So many worlds, so much to do, so little done...
Re:Do JRiver Sell E-Mail Addresses?
« Reply #51 on: January 09, 2004, 09:03:04 am »

Late to the party, but I received two of them.  One at my original address here (xxx@comcast.net) and one at the address I'm currently using (xxx@yahoo.com).
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Do JRiver Sell E-Mail Addresses?
« Reply #52 on: January 09, 2004, 09:04:27 am »

I'm wondering if the e-mail address could be collected by a virus on your PC that sweeps through the web browser cache.

If someone sends you a private message on Interact, can you see their e-mail address?  That page would be stored in the local cache on a PC.


Logged

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Do JRiver Sell E-Mail Addresses?
« Reply #53 on: January 09, 2004, 09:05:58 am »

Quote
If you got the spam, could you please post the header info (minus personal details) here please? I need to know if they all came from the same mailer.

I'll post it when I get home in an hour.


Quote
Rhino - did you use a real e-mail address when registering

With what?   MC, my IRC nick?


Quote
but it is possible the chat room was hacked.

Even if it was how could they have got my real addy when I configured my IRC client (called Klient and not that rubbish mIRC) with a bogus email addy?
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Do JRiver Sell E-Mail Addresses?
« Reply #54 on: January 09, 2004, 09:07:09 am »


Quote
The address is xxxx @ yahoo (not .com but .es)

When anyone reports their domain, please report the domain name as, for example, yahoo.com or yahoo.es.  There is no need to use any spaces or otherwise obscure the domain.  
Logged

LisaRCT

  • Guest
Re:Do JRiver Sell E-Mail Addresses?
« Reply #55 on: January 09, 2004, 09:08:48 am »

Quote
If you got the spam, could you please post the header info (minus personal details) here please? I need to know if they all came from the same mailer.

j

X-Apparently-To: xxxxxx@yahoo.com via 216.136.130.XX; Thu, 08 Jan 2004 21:36:43 -0800
X-YahooFilteredBulk: 193.28.100.XXX
Date: Fri, 9 Jan 2004 06:36:42 +0100 (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: xxxxxx@yahoo.com
Subject: Verify your identity

(obviously I blocked out the info behind the "X's")
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Do JRiver Sell E-Mail Addresses?
« Reply #56 on: January 09, 2004, 09:09:02 am »

Quote
Even if it was how could they have got my real addy when I configured my IRC client (called Klient and not that rubbish mIRC) with a bogus email addy?

Because any application on your PC could potentially look through your trash (cache).
Logged

Stilton

  • Regular Member
  • Junior Woodchuck
  • **
  • Posts: 56
Re:Do JRiver Sell E-Mail Addresses?
« Reply #57 on: January 09, 2004, 09:14:59 am »

Quote
We don't sell or otherwise provide your e-mail address to anyone.  

Many of these schemes are based on worms that can read an e-mail address book and then use the addresses to send more and also use the addresses as the sender name.  So if the address was in an e-mail address book anywhere, it's possible for the worm to find it.

A second possibility is that someone's e-mail server is being used to capture addresses.

Another possibility is that the addresses are publicly visible here on Interact.  Can you see each other's addresses?  If so, a robot can collect them.

Still another is that addresses are being randomly generated.  fromjriver would be a logical one.

There are other possibilities, but WE DO NOT PROVIDE YOUR ADDRESS TO ANYONE ELSE.

I don't think it's any of these possibilities.  My email addies won't be in anyone's email address book, because they are not visible. They aren't visible on the forum (I've got the 'hidden' check).

I don't think mine could be guessed. The format of the email is anything@username.vispa.co.uk (not a well-known ISP). the 'anything' bit in question is 'mc' and 'jriver'.

As I have mentioned earlier I'm sure that both of my jriver email addies have been spammed - my forum one and my registration email address for the software. But as no one else is reporting this, perhaps mine is an anomaly.

Again I'm not suggesting you are selling email addresses from paying customers - but could it not be possible unknown to you your database has been compromised?

I'd be surprised if it was a general spambot - so many specific jriver people have been targeted and have been sent the same email in such a short space of time. Sounds like someone is specifically targeting the forum and/or your registration database.

Also I highly doubt that it's a virus unless the virus - again, because it's happened to so many people on the forum (unless, of course, it came with the software...). And I'm, as I'm sure many others are, highly vigilant when it comes to virus scanning & protection.
Logged

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Do JRiver Sell E-Mail Addresses?
« Reply #58 on: January 09, 2004, 09:18:32 am »

Quote
Even if it was how could they have got my real addy when I configured my IRC client (called Klient and not that rubbish mIRC) with a bogus email addy?

Quote
Because any application on your PC could potentially look through your trash (cache).

What you are suggesting is that the IRC server we connected to knew a) what client we were using and b) knew of exploits for that client (and we are not talking about mIRC here but others too including Java based ones) is unlikely I think.

Mind you the fact that others who never used the chat room are reporting the spam sort of kills that idea.
Logged

zevele10

  • Guest
Re:Do JRiver Sell E-Mail Addresses?
« Reply #59 on: January 09, 2004, 09:18:54 am »

using the chat room and no spam

Besides, I do not see how being in the chat room can tell anyone what my email is
Logged

sraymond

  • Guest
Re:Do JRiver Sell E-Mail Addresses?
« Reply #60 on: January 09, 2004, 09:20:12 am »

But the question was "did you use the chat room?"

Sounds like you did.

I use the chat room, but I haven't gotten phished.

Which is strange, 'cause I get a ton of spam anyway :-)  Maybe my ISP (SBCGlobal) was kind enough to block it for me?

Scott-
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Do JRiver Sell E-Mail Addresses?
« Reply #61 on: January 09, 2004, 09:23:15 am »

Quote
I don't think mine could be guessed. The format of the email is anything@username.vispa.co.uk (not a well-known ISP). the 'anything' bit in question is 'mc' and 'jriver'.

Anything is possible.  We're still gathering facts.

It is definitely possible to guess the address you've given.  Lists are now being compiled by brute force methods.  Here is an example:

For every domain known

E-mail is sent to
aaaaaaaa@domain.com
aaaaaaab@domain.com
aaaaaaac@domain.com

and so on.

Bounces are recorded.  Lists of addresses sent and bounces received are compared to extract the list of addresses that do not bounce.
Logged
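What the list-building JimH describes in reply #61 looks like from the receiving mail server, as an added detection example that is not part of the original thread. The log format, the documentation-range IP addresses, the example.org domain and the window and threshold values are all assumptions made for this sketch.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # assumed look-back window
THRESHOLD = 5                    # assumed: distinct unknown recipients per source

# Constructed log lines in a hypothetical key=value format.
# status=550 means "no such user" (a bounce), status=250 means accepted.
LOG = """\
2004-01-08T05:45:50Z src=192.0.2.10 rcpt=aaaaaaaa@example.org status=550
2004-01-08T05:45:51Z src=192.0.2.10 rcpt=aaaaaaab@example.org status=550
2004-01-08T05:45:52Z src=192.0.2.10 rcpt=aaaaaaac@example.org status=550
2004-01-08T05:45:53Z src=192.0.2.10 rcpt=mc@example.org status=250
2004-01-08T05:45:54Z src=192.0.2.10 rcpt=aaaaaaad@example.org status=550
2004-01-08T05:45:55Z src=192.0.2.10 rcpt=aaaaaaae@example.org status=550
2004-01-08T06:10:00Z src=198.51.100.7 rcpt=mc@example.org status=250
2004-01-08T06:10:01Z src=198.51.100.7 rcpt=jriver@example.org status=250
2004-01-08T09:00:00Z src=203.0.113.5 rcpt=jrivr@example.org status=550
""".splitlines()


def parse(line):
    """Split one log line into (timestamp, source IP, recipient, status)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return when, kv["src"], kv["rcpt"].lower(), kv["status"]


def harvest_sources(lines, window=WINDOW, threshold=THRESHOLD):
    """Sources that hit >= threshold distinct unknown recipients inside window.

    Returns {source IP: largest distinct-unknown count seen in any window}.
    """
    recent = defaultdict(deque)          # src -> (ts, rcpt) of recent 550s
    flagged = {}
    for line in lines:
        ts, src, rcpt, status = parse(line)
        if status != "550":
            continue
        q = recent[src]
        q.append((ts, rcpt))
        while ts - q[0][0] > window:     # slide the window forward
            q.popleft()
        distinct = len({r for _, r in q})
        if distinct >= threshold:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged


def confirmed_addresses(lines, **kw):
    """Addresses a flagged source saw accepted: the ones it now knows exist."""
    flagged = harvest_sources(lines, **kw)
    hits = defaultdict(set)
    for line in lines:
        _, src, rcpt, status = parse(line)
        if src in flagged and status == "250":
            hits[src].add(rcpt)
    return {src: sorted(rcpts) for src, rcpts in hits.items()}


if __name__ == "__main__":
    print("harvesting sources:", harvest_sources(LOG))
    print("addresses confirmed to them:", confirmed_addresses(LOG))
```

A source that only ever mails two valid addresses (198.51.100.7 here) or makes a single typo (203.0.113.5) is not flagged; only the run of sequential unknown recipients is.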

NoCodeUK

  • Citizen of the Universe
  • *****
  • Posts: 1820
Re:Do JRiver Sell E-Mail Addresses?
« Reply #62 on: January 09, 2004, 09:32:50 am »

I use the chat room too... I have not received the email...  Incidentally however it is the email address I used to register with MC in the first place...

Adam
Logged
"It's called No Code because it's full of code. It's misinformation." - Eddie Vedder

crowfan

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 302
  • For every sprinkle I find, I shall kill you.
Re:Do JRiver Sell E-Mail Addresses?
« Reply #63 on: January 09, 2004, 09:51:36 am »

Jim and JRiver,

I use MyIE2 for all surfing, including Interact. Every time I close it, it clears the cache and history.  I've also never used the PMs here.

Hope this helps,

crow
Logged
"It's going to be a trilogy."   Robert Jordan, circa 1989

Doof

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 5907
  • Farm Animal Stupid
Re:Do JRiver Sell E-Mail Addresses?
« Reply #64 on: January 09, 2004, 09:55:28 am »

I've used the same email address to register for this forum (hidden) and purchase MC 10.0.

I used the chat room for about a minute, although I never provided an email address.

No spam here.
Logged

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Do JRiver Sell E-Mail Addresses?
« Reply #65 on: January 09, 2004, 10:07:28 am »

Here's the headers.

I have replaced my email address with !!!!!!


Microsoft Mail Internet Headers Version 2.0
Received: from exchange-pop3-connector.com ([127.0.0.1]) by fileserver.jdnet.co.uk.local with Microsoft SMTPSVC(6.0.3790.0);
    Thu, 8 Jan 2004 16:25:25 +0000
Return-path: <verification@paypal.com>
Envelope-to: !!!!!!!!!!!!!!
Delivery-date: Thu, 08 Jan 2004 16:24:30 +0000
Received: from [193.28.100.167] (helo=mail.epost.de)
   by delta.eukhost.com with esmtp (Exim 4.24)
   id 1AecxN-0006d1-3i
   for !!!!!!!!!!!!!!; Thu, 08 Jan 2004 16:24:25 +0000
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de)
        id 3FFD68CE00003DDD for !!!!!!!!!!!!!!; Thu, 8 Jan 2004 17:24:28 +0100
Date: Thu, 8 Jan 2004 17:24:28 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FFD68CE00003DDD@PPD27104.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: !!!!!!!!!!!!!!
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
X-MailScanner-Information: Please contact the ISP for more information
X-MailScanner: Found to be clean
X-OriginalArrivalTime: 08 Jan 2004 16:25:25.0765 (UTC) FILETIME=[058A0350:01C3D604]
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Do JRiver Sell E-Mail Addresses?
« Reply #66 on: January 09, 2004, 10:12:56 am »

My own e-mail address is entered multiple times on Interact and I have not received this spam in the last three days.  I have seen similar messages before.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Do JRiver Sell E-Mail Addresses?
« Reply #67 on: January 09, 2004, 10:36:30 am »

We've now spent an hour or so checking for known security problems in the (well known) software we use for the forum.  We can't find any so far.  We will keep looking.
Logged

gpvillamil

  • Citizen of the Universe
  • *****
  • Posts: 829
  • Listen to the music...
Re:Do JRiver Sell E-Mail Addresses?
« Reply #68 on: January 09, 2004, 10:37:27 am »

The message I got had original sender nathaly@epost.de

I can pretty much guarantee that my system is secure, for reasons that I won't get into in a compromised forum ;-)

I own a domain, and if someone had been trying permutations of e-mail addresses based on it I would have seen all the variants. Any e-mail to my domain that doesn't match a valid address is not bounced - it is captured in a default account.

Likeliest hypothesis is that the forum, and possibly the registration database, have been compromised. Good security policy is to assume this is the case, and take remedial measures.

As I said before, better post/e-mail users of the board and warn them about the possibility, especially about the fake PayPal e-mail - there are a lot of newbies on this board who may be taken! THIS SHOULD BE DONE AT ONCE EVEN IF THERE IS ONLY THE POSSIBILITY THAT THE FORUM HAS BEEN COMPROMISED.

The other thing to do is to warn Paypal at spoof@paypal.com - tracking down whoever got these addresses is a clue to the identity of whoever is sending out the phishing e-mails.
Logged

retrospek

  • Regular Member
  • Junior Woodchuck
  • **
  • Posts: 93
  • Hello !
Re:Fake PayPal Spam Problem
« Reply #69 on: January 09, 2004, 10:46:27 am »

Unfortunately I deleted the email when I received it earlier.

However, I did have a look at the header before I deleted it - and I can confirm that mine also had 'epost.de' in the header.

Cheers,
Mark
Logged

LonWar

  • Citizen of the Universe
  • *****
  • Posts: 2874
Re:Fake PayPal Spam Problem
« Reply #70 on: January 09, 2004, 10:48:46 am »

What do you mean by HEADERS??

Both email addresses have been given to JRiver and I received an email on both.

@sympatico.ca
@hotmail.com
Logged
-

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Fake PayPal Spam Problem
« Reply #71 on: January 09, 2004, 11:09:01 am »

The epost.de is common to all the headers so far.

So it sounds like they had an open SMTP server.
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #72 on: January 09, 2004, 11:11:30 am »

Or that they are a spam service provider.
Logged

gpvillamil

  • Citizen of the Universe
  • *****
  • Posts: 829
  • Listen to the music...
Re:Fake PayPal Spam Problem
« Reply #73 on: January 09, 2004, 11:18:01 am »

Quote
Or that they are a spam service provider.

The German postal service?
Logged

Griff

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 710
Re:Fake PayPal Spam Problem
« Reply #74 on: January 09, 2004, 11:18:52 am »

Didn't use chat rm/don't belong to paypal/use window washer.

Received one yesterday to my main garb. acct. Hotmail.
Deleted it.

Have another acct. bellsouth only two people have this addr. and not JRiver.

Got one today in it.

Return-Path: <verification@paypal.com>
Received: from mail.epost.de ([193.28.100.164])
          by imf00aec.mail.bellsouth.net
          (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP
          id <20040109053017.QAOT1877.imf00aec.mail.bellsouth.net@mail.epost.de>
          for <xxxxxxxx@bellsouth.net>; Fri, 9 Jan 2004 00:30:17 -0500
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as nathaly@epost.de)
        id 3FFDEAA50000FD05 for xxxxxxxx@bellsouth.net; Fri, 9 Jan 2004 06:30:17 +0100
Date: Fri, 9 Jan 2004 06:30:17 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FFDEAA50000FD05@PPD27101.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: xxxxxxxx@bellsouth.net
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>

Jim if I didn't xx out enough, please do so for me
Don't know much about this stuff

Griff
Logged

Ingo

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 304
Re:Fake PayPal Spam Problem
« Reply #75 on: January 09, 2004, 11:19:04 am »

epost.de is connected to Germany's formerly state run mail service....
I don't think they want to serve spammers, but they are probably as clueless in their ebusiness as they are in the rest of their stuff.

Ingo
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #76 on: January 09, 2004, 11:21:38 am »

Quote
Have another acct. bellsouth only two people have this addr. and not JRiver.  Got one today in it.

Thanks.  That's what I've been looking for.  That's an important clue.
Logged

RhinoBanga

  • Citizen of the Universe
  • *****
  • Posts: 1703
  • Developer
Re:Fake PayPal Spam Problem
« Reply #77 on: January 09, 2004, 11:21:39 am »

Quote
Or that they are a spam service provider.

The epost.de domain looks like a German postal service and they are not on the popular spam blacklists my mailserver uses:

list.dsbl.org
blackholes.mail-abuse.org
relays.ordb.org
bl.spamcop.net
spl.spamhaus.org


EDIT:  Sorry ... I just noticed ingo's post.
Logged

Stilton

  • Regular Member
  • Junior Woodchuck
  • **
  • Posts: 56
Re:Do JRiver Sell E-Mail Addresses?
« Reply #78 on: January 09, 2004, 11:26:26 am »

Quote
I don't think mine could be guessed. The format of the email is anything@username.vispa.co.uk (not a well-known ISP). the 'anything' bit in question is 'mc' and 'jriver'.

Quote
Anything is possible.  We're still gathering facts.

It is definitely possible to guess the address you've given.  Lists are now being compiled by brute force methods.  Here is an example:

For every domain known

E-mail is sent to
aaaaaaaa@domain.com
aaaaaaab@domain.com
aaaaaaac@domain.com

and so on.

Bounces are recorded.  Lists of addresses sent and bounces received are compared to extract the list of addresses that do not bounce.


If this was the case, I would have received emails to aaaaaaaa@username.vispa.co.uk, aaaaaaab@username.vispa.co.uk etc. I've only received them to mc@ and jriver@.
Logged

Tangoman

  • Regular Member
  • World Citizen
  • ***
  • Posts: 117
  • You are nothing that you are conscious of.
Re:Fake PayPal Spam Problem
« Reply #79 on: January 09, 2004, 11:58:45 am »

Fri, 9 Jan 2004 05:58:12 +0100 (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
To: xxx@yahoo.com
Subject: Verify your identity

I got this too. I take it that credit card numbers have not been compromised. Just email addresses.
I just registered for MC10 a few days ago.

Cheers Tangodude
Logged
I started out with nothing and I still have most of it left. - Anon

Jaguu

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 1336
Re:Fake PayPal Spam Problem
« Reply #80 on: January 09, 2004, 12:06:37 pm »

I have received all 4 penpal mails at the email address of my J River Jaguu account. My business mail address I used to buy Media Center was not touched, so it looks as the J River registration/buy database is not the culprit.

Do not use chat, send messages to individual users on Interact from time to time, my email in Interact profile was not hidden so far, is hidden now!

Return-Path: <verification@paypal.com>
Original-Recipient: rfc822;xxxxxx@xxxxxx.ch
Received: from mail.epost.de (193.28.100.166) by mx1.xxxxx.ch (6.7.019)
        id 3FFAAC8700086E0F for xxxxxx@xxxxxi.ch; Fri, 9 Jan 2004 02:25:46 +0100
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de)
        id 3FF19CFB0012A262 for xxxxxx@xxxxxx.ch; Fri, 9 Jan 2004 02:25:46 +0100
Date: Fri, 9 Jan 2004 02:25:46 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FF19CFB0012A262@PPD27103.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: xxxxxx@xxxxxx.ch
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>


Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #81 on: January 09, 2004, 12:09:06 pm »

We now believe that the database was accessed from the outside.  It exists on a machine that is outside our firewall  (it has to be).  The only thing on it that would affect you is the e-mail address database.

We'll report more when we know it.
Logged

jeffh

  • Regular Member
  • Junior Woodchuck
  • **
  • Posts: 94
  • nothing more to say...
Re:Fake PayPal Spam Problem
« Reply #82 on: January 09, 2004, 12:14:31 pm »

Count me in as well...  Here are the headers...

X-Apparently-To: XXX@yahoo.com via 66.218.79.42; Thu, 08 Jan 2004 18:02:54 -0800
X-YahooFilteredBulk: 193.28.100.187
Return-Path: <verification@paypal.com>
Received: from 193.28.100.187 (EHLO mail.epost.de) (193.28.100.187) by mta233.mail.scd.yahoo.com with SMTP; Thu, 08 Jan 2004 18:02:54 -0800
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de) id 3FEB549800205B1A for XXX@yahoo.com; Fri, 9 Jan 2004 03:02:54 +0100
Date: Fri, 9 Jan 2004 03:02:54 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FEB549800205B1A@ppd27106.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>  Add to Address Book
X-Mailer: PayPal Mailer
Reply-to: "PayPal" <verification@paypal.com>
To: XXX@yahoo.com
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>
 <head>
Content-Length: 1899
Logged

LonWar

  • Citizen of the Universe
  • *****
  • Posts: 2874
Re:Fake PayPal Spam Problem
« Reply #83 on: January 09, 2004, 12:15:59 pm »

How do I get the headers??
Logged
-

Cmagic

  • Regular Member
  • Citizen of the Universe
  • *****
  • Posts: 1196
  • Enjoying life with a little music....
Re:Fake PayPal Spam Problem
« Reply #84 on: January 09, 2004, 05:05:30 pm »

Hi folks,

imjustagamer, in outlook right click on message and select Options you will get the header.

I received one yesterday with following header :

Return-Path: <verification@paypal.com>
Received: (qmail 8230 invoked from network); 8 Jan 2004 05:45:57 -0000
Received: from mail.epost.de (193.28.100.187)
  by mrelay5-2.free.fr with SMTP; 8 Jan 2004 05:45:57 -0000
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de)
        id 3FEB5498001DD309  Thu, 8 Jan 2004 06:45:56 +0100
Date: Thu, 8 Jan 2004 06:45:56 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FEB5498001DD309@ppd27106.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To:
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>
<head>

thanks,

C.
Logged
Until the color of a man's skin is of no more significance
than the color of his eyes.
Bob Marley (War)

LonWar

  • Citizen of the Universe
  • *****
  • Posts: 2874
Re:Fake PayPal Spam Problem
« Reply #85 on: January 09, 2004, 05:12:12 pm »

I spoke to 10 people at work that use paypal and no one else received the emails.
Seems to only be people from here??

I don't want to sound paranoid and I will only ask this once... Jim are the Credit Card #'s at risk or was it just the email addresses...
If there is a possibility that someone may have been able to get the #'s I would like to know.
Jim, if you say that they are secure, I will not raise this issue again.

Thanks and have a good weekend.
Logged
-

KingSparta

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 20048
Re:Fake PayPal Spam Problem
« Reply #86 on: January 09, 2004, 05:29:53 pm »

this is the one I got yesterday


Return-path: <Do_Not_Reply@paypal.com>
Received: from ms-mta-01-eri0 (ms-mta-01-qfe1 [10.10.5.70])
 by ms-mss-03.southeast.rr.com
 (iPlanet Messaging Server 5.2 HotFix 1.12 (built Feb 13 2003))
 with ESMTP id <0HR6002RFK8DD3@ms-mss-03.southeast.rr.com> for
 xxxxxx%nc.rr.com@ims-ms-daemon; Thu, 08 Jan 2004 11:53:01 -0500 (EST)
Received: from vamx02.mgw.rr.com (vamx02.mgw.rr.com [24.30.200.18])
 by ms-mta-01.southeast.rr.com
 (iPlanet Messaging Server 5.2 HotFix 1.12 (built Feb 13 2003))
 with ESMTP id <0HR60018PK8DX0@ms-mta-01.southeast.rr.com> for
 xxxxxx@nc.rr.com (ORCPT xxxxxx@nc.rr.com); Thu,
 08 Jan 2004 11:53:01 -0500 (EST)
Received: from localhost (conm200-58-214-227.epm.net.co [200.58.214.227])
   by vamx02.mgw.rr.com (8.12.10/8.12.8) with SMTP id i08GqcgG016208   for
 <xxxxxx@nc.rr.com>; Thu, 08 Jan 2004 11:52:48 -0500 (EST)
Date: Thu, 08 Jan 2004 11:52:38 -0500 (EST)
From: "PayPal.com" <Do_Not_Reply@paypal.com>
Subject: IMPORTANT                                           kohkeeke
To: xxxxxx <xxxxxx@nc.rr.com>
Reply-to: Do_Not_Reply@paypal.com
Message-id: <200401081652.i08GqcgG016208@vamx02.mgw.rr.com>
MIME-version: 1.0
Content-type: multipart/mixed; boundary=----------A48617900047D5F
X-Priority: 1 (High)
X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Virus-Scan-Result: Repaired 26464 W32.Mimail.J@mm
Original-recipient: rfc822;xxxxxx@nc.rr.com
X-NAS-Bayes: #0: 1.47046E-142; #1: 1
X-NAS-Classification: 0
X-NAS-MessageID: 993
X-NAS-Validation: {0D2F3A99-1329-496D-8DE4-4BE9CAF74458}

Logged
Retired Military, Airborne, Air Assault, And Flight Wings.
Model Trains, Internet, Ham Radio
https://MyAAGrapevines.com
Fayetteville, NC, USA

Doof

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 5907
  • Farm Animal Stupid
Re:Fake PayPal Spam Problem
« Reply #87 on: January 09, 2004, 05:30:03 pm »

Quote
We now believe that the database was accessed from the outside.  It exists on a machine that is outside our firewall  (it has to be).  The only thing on it that would affect you is the e-mail address database.

We'll report more when we know it.
Logged

KeystoneCop

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 354
  • I hate computers..
Re:Fake PayPal Spam Problem
« Reply #88 on: January 09, 2004, 05:30:14 pm »

Return-Path: <verification@paypal.com>
Delivered-To: xxxxx@surewest.net
Received: (qmail 24155 invoked from network); 9 Jan 2004 04:23:32 -0000
Received: from unknown (HELO mx1.mc.surewest.net) (66.60.130.44)
  by core1.mc.surewest.net with SMTP; 9 Jan 2004 04:23:32 -0000
Received: (qmail 2041 invoked from network); 9 Jan 2004 04:23:32 -0000
Received: from unknown (HELO mail.epost.de) (193.28.100.187)
  by mx1.mc.surewest.net with SMTP; 9 Jan 2004 04:23:32 -0000
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de)
        id 3FEB54980020C6CA for xxxx@surewest.net; Fri, 9 Jan 2004 05:23:31 +0100
Date: Fri, 9 Jan 2004 05:23:31 +0100 (added by postmaster@mail.epost.de)
Message-ID: <3FEB54980020C6CA@ppd27106.x.de> (added by postmaster@mail.epost.de)
From: "PayPal" <verification@paypal.com>
X-Mailer: PayPal Mailer
Reply-To: "PayPal" <verification@paypal.com>
To: xxxx@surewest.net
Subject: Verify your identity
MIME-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit<html>
<head>
X-TST: mx1 SNWK2



xxx done by me.. hope this helps..
Logged
There is a way to compare tags

[=isequal([band],[album])]=1

thanks marko
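The comparison the thread has been doing by eye (do all the reports share one mailer?) can be done mechanically by reading each message's Received chain from the bottom up. This is an added example, not part of the original thread; the samples are trimmed copies of header blocks posted in replies #65, #74, #86 and #88, with the recipient replaced by the placeholder user@example.invalid, and the function names are this sketch's own.

```python
import re
from collections import defaultdict
from email import message_from_string

IPV4 = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")
AUTH = re.compile(r"authenticated as ([^\s)]+)")

# Constructed samples: trimmed header blocks from this thread, recipient replaced.
SAMPLES = {
    "reply65": """\
Received: from exchange-pop3-connector.com ([127.0.0.1]) by fileserver.jdnet.co.uk.local with Microsoft SMTPSVC(6.0.3790.0);
    Thu, 8 Jan 2004 16:25:25 +0000
Received: from [193.28.100.167] (helo=mail.epost.de)
   by delta.eukhost.com with esmtp (Exim 4.24)
   id 1AecxN-0006d1-3i
   for user@example.invalid; Thu, 08 Jan 2004 16:24:25 +0000
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de)
        id 3FFD68CE00003DDD for user@example.invalid; Thu, 8 Jan 2004 17:24:28 +0100
From: "PayPal" <verification@paypal.com>
Subject: Verify your identity
""",
    "reply74": """\
Received: from mail.epost.de ([193.28.100.164])
          by imf00aec.mail.bellsouth.net with ESMTP
          for <user@example.invalid>; Fri, 9 Jan 2004 00:30:17 -0500
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as nathaly@epost.de)
        id 3FFDEAA50000FD05 for user@example.invalid; Fri, 9 Jan 2004 06:30:17 +0100
From: "PayPal" <verification@paypal.com>
Subject: Verify your identity
""",
    "reply86": """\
Received: from vamx02.mgw.rr.com (vamx02.mgw.rr.com [24.30.200.18])
 by ms-mta-01.southeast.rr.com with ESMTP for user@example.invalid;
 Thu, 08 Jan 2004 11:53:01 -0500 (EST)
Received: from localhost (conm200-58-214-227.epm.net.co [200.58.214.227])
   by vamx02.mgw.rr.com (8.12.10/8.12.8) with SMTP id i08GqcgG016208
 for <user@example.invalid>; Thu, 08 Jan 2004 11:52:48 -0500 (EST)
From: "PayPal.com" <Do_Not_Reply@paypal.com>
Subject: IMPORTANT
""",
    "reply88": """\
Received: (qmail 24155 invoked from network); 9 Jan 2004 04:23:32 -0000
Received: from unknown (HELO mx1.mc.surewest.net) (66.60.130.44)
  by core1.mc.surewest.net with SMTP; 9 Jan 2004 04:23:32 -0000
Received: (qmail 2041 invoked from network); 9 Jan 2004 04:23:32 -0000
Received: from unknown (HELO mail.epost.de) (193.28.100.187)
  by mx1.mc.surewest.net with SMTP; 9 Jan 2004 04:23:32 -0000
Received: from [62.111.240.130] (62.111.240.130) by mail.epost.de (6.7.015) (authenticated as barney@epost.de)
        id 3FEB54980020C6CA for user@example.invalid; Fri, 9 Jan 2004 05:23:31 +0100
From: "PayPal" <verification@paypal.com>
Subject: Verify your identity
""",
}


def parse_hops(raw):
    """Return Received hops oldest-first as (from_ip, by_host, auth) tuples."""
    hops = []
    # Each server prepends its own Received line, so the last one is the oldest.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        flat = " ".join(value.split())              # undo header folding
        from_part, sep, by_part = flat.partition(" by ")
        ip = IPV4.search(from_part)
        if not (sep and from_part.startswith("from") and ip):
            continue                                # e.g. "(qmail N invoked from network)"
        auth = AUTH.search(by_part)
        hops.append((ip.group(1), by_part.split()[0],
                     auth.group(1) if auth else None))
    return hops


def origin(raw):
    """Earliest recorded hop: which IP handed the message to which relay."""
    hops = parse_hops(raw)
    return hops[0] if hops else None


def group_by_origin(samples):
    """Map (submitting IP, first relay) -> sorted names of samples sharing it."""
    groups = defaultdict(list)
    for name, raw in samples.items():
        hop = origin(raw)
        if hop:
            groups[hop[:2]].append(name)
    return {key: sorted(names) for key, names in groups.items()}


if __name__ == "__main__":
    for (ip, relay), names in group_by_origin(SAMPLES).items():
        accounts = sorted({origin(SAMPLES[n])[2] or "-" for n in names})
        print(f"{ip} -> {relay}  accounts={accounts}  seen in {names}")
```

Three of the four samples collapse to one submitting host and relay, while the header from reply #86 stands apart as a different message. Hops below the line written by your own receiving server are only as reliable as the servers that wrote them, so treat the grouping as a lead to report to the relay's operator rather than proof of origin.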

jleerigby

  • Guest
Re:Fake PayPal Spam Problem
« Reply #89 on: January 09, 2004, 05:38:39 pm »

Quote
I spoke to 10 people at work that use paypal and no one else received the emails.
Seems to only be people from here??

I don't want to sound paranoid and I will only ask this once... Jim are the Credit Card #'s at risk or was it just the email addresses...
If there is a possibility that someone may have been able to get the #'s I would like to know.
Jim, if you say that they are secure, I will not raise this issue again.

Thanks and have a good weekend.


Even if they were (and I like you sincerely hope not) it's not your problem.  It's the bank's problem provided you have not been reckless and have conformed with the terms and conditions of the card.
Logged

Sam

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 300
Re:Fake PayPal Spam Problem
« Reply #90 on: January 09, 2004, 06:14:23 pm »

In addition to the PayPal email today, I got another spam on Monday.

I'm not sure if it's related at all, but this one actually displayed a link on the jriver site where they pulled my email address.  It was a mailto: link tied to my megaskin

Jim, fwiw, I'll forward you that email.


The email address I use here has been virtually spam-free - probably two emails in all of last year.  And then two this week.


My other email address, a personal one which I've never used here or with any website, just got its first spam ever today.  Not a good sign.
Logged

Sam

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 300
Re:Fake PayPal Spam Problem
« Reply #91 on: January 09, 2004, 06:19:12 pm »

Quote
I spoke to 10 people at work that use paypal and no one else received the emails.
Seems to only be people from here??

I don't want to sound paranoid and I will only ask this once... Jim are the Credit Card #'s at risk or was it just the email addresses...
If there is a possibility that someone may have been able to get the #'s I would like to know.
Jim, if you say that they are secure, I will not raise this issue again.

Thanks and have a good weekend.

Quote
Even if they were (and I like you sincerely hope not) it's not your problem.  It's the bank's problem provided you have not been reckless and have conformed with the terms and conditions of the card.


You're right about the financial loss.  But I've gone through the process of cleaning up my credit reports after credit fraud, and it's a really big deal.  Lots of paperwork and phone calls stretching on for countless months.
Logged

Sam

  • Regular Member
  • Galactic Citizen
  • ****
  • Posts: 300
Re:Fake PayPal Spam Problem
« Reply #92 on: January 09, 2004, 07:05:29 pm »

I just went through clicking on people's user names in this thread...  Quite a few have their email addresses visible.  

It doesn't really take a hacker to automatically collect email addresses this way.  Not sure if this is how they did it, but hiding your email address is probably a good precaution.

Logged

Charlemagne 8

  • Citizen of the Universe
  • *****
  • Posts: 1999
Re:Fake PayPal Spam Problem
« Reply #93 on: January 09, 2004, 07:08:46 pm »

Me too. Promptly deleted.
Logged
That's right.
I'm cool.

modelmaker

  • Citizen of the Universe
  • *****
  • Posts: 1531
Re:Fake PayPal Spam Problem
« Reply #94 on: January 09, 2004, 07:16:58 pm »

I also got a couple of paypal emls. I do not have a paypal account. They were sent to the address I originally registered MC with, not  the address I used for interact.
Logged
Jay.

"Life is what happens when you're making other plans"     John Lennon.

zevele10

  • Guest
Re:Fake PayPal Spam Problem
« Reply #95 on: January 09, 2004, 07:25:48 pm »

Sam,
My mail is visible and I did not get any mail.
Besides this, people may have more than one mail.
Not difficult: X Yahoo mails NOT .com
forward to a pop up account, use your email client to consult it.
Et voilà...
Logged

JimH

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 71498
  • Where did I put my teeth?
Re:Fake PayPal Spam Problem
« Reply #96 on: January 09, 2004, 07:33:24 pm »

Zev,
[In French] You should go to bed.  It's a bit late to be walking around without sleep.  It's dangerous for others.

Jim

Logged

TimB

  • Citizen of the Universe
  • *****
  • Posts: 1062
Re:Fake PayPal Spam Problem
« Reply #97 on: January 09, 2004, 07:40:13 pm »

Isn't there something in the Homeland Security Act about talking en francais?  :o

-=Tim=-
Logged
Boy do I LOVE Media Center!!!

sraymond

  • Guest
Re:Fake PayPal Spam Problem
« Reply #98 on: January 09, 2004, 07:57:38 pm »

Quote
I just went through clicking on people's user names in this thread...  Quite a few have their email addresses visible.  

It doesn't really take a hacker to automatically collect email addresses this way.  Not sure if this is how they did it, but hiding your email address is probably a good precaution.



Well, just because an e-mail address is listed in the forums, doesn't mean that same address was used to register.  You'll find my address (scottraymond@sbcglobal.net) posted frequently.  I don't like munging my address - though I can't really say I have a rational reason.

But this is a "throw-away" address that I use everywhere that is publicly viewable (i.e. here, Usenet, etc.)  I run all incoming mail through POPFile, which does a darn good job of separating out that spam/virii.  But I accept that I might miss some stuff - that's OK.

My concern here (which is significant) is that JRiver has my "e-mail for life" address - and not by my own volition.  I was once locked out of INTERACT and I was told to reregister.  Of course, the throw-away was already taken (INTERACT wouldn't let me use it again), so I used my "e-mail for life".  Now, if that account were to get ruined by spam/virii, I'd be quite upset.  In hindsight, I shouldn't have done that - but I got personal assurances from JimH that addresses were never released outside of JRiver.

By ruined...  I mean that the good/bad ratio gets so small that I can't expect to find the good stuff.  I was getting over 300 virii a day (the MS Update one) with my sbcglobal.net account for a while.  Imagine trying to make sure that urgent and important business is not lost under that mountain of junk!

Well, it's too early to tell if there's been any real damage done...

Scott-
Logged

PhatPhreddy

  • Regular Member
  • Citizen of the Universe
  • *****
  • Posts: 613
  • Cosmic Comic
Re:Fake PayPal Spam Problem
« Reply #99 on: January 10, 2004, 12:36:42 am »

Quote
Even if they were (and I like you sincerely hope not) it's not your problem.  It's the bank's problem provided you have not been reckless and have conformed with the terms and conditions of the card.

True if you have a credit card... Of course many people have VISA (or MC / AMEX) debit cards and in the UK a debit card does not have the same protections as a credit card and the money is out of your account before you have a chance to correct it.. Instead of the security of VISA withholding the merchant's money (usually 90 days with VISA merchants) the bank faces an actual money loss and is therefore MUCH tougher about paying back funds.  Moral is use a credit card instead of a debit card every time...

For those with SPAM issues I strongly recommend Cloudmark's Spamnet... I have my email public all over forums and get a >10:1 spam ratio but it's not a problem as spamnet gets 99% of it and cleans it all out for me to a SPAM folder... The community reporting method works great.
Logged
Phreddy@PhatPhreddy.net ICQ# 168975535
HTPC Front ends  