They highjacked my e-mail address
RIVER BENDER -
December, 2005
Swamped with e-mail
My e-mail address dave@always-online.com was highjacked by a spammer. One morning I logged in to discover over 50 bounce messages telling me that mail that I didn't send could not be delivered. Most of the messages included an original message sent from a mortgage loan company. But why was I getting the bounce messages? A look at the loan company's mail header showed my address being used as their return address. This is called "spoofing" the return address. They did this because they needed a valid return address but one that wouldn't identify them. Why? Probably because the loan company was a fake or a scam.
Change password
My first thought was that someone might have access to my account at Always-Online so I immediately changed my password but the bounce messages continued. As they arrived every few minutes I continued to delete them in MailWasher (www.mailwasher.net) rather than waste time downloading them.
Contact loan company
I thought the problem would be easily solved by contacting the mortgage company and telling them to cease using my address. After all, if they wanted to loan money, they had to be contacted by customers. I went to the web site mentioned in a bounce message and discovered: (1) The company had no name or address. (2) The web site showed a old chart with 2004 interest rates and (3) All I could do was open a loan application form. I soon noticed that the company's web site address in the messages changed almost daily. I began averaging over 100 bounce messages per day.
Request a loan and identify
the crookI hated to do it but I finally submitted a valid looking request on their web page for a loan to purchase a new house. I figured this was the only way I might be able to identify the spammer. To make the application valid I had to give them my e-mail address. Worse yet, I had to give them my phone number because the instruction was that a lender would call me. Two days later someone called about a loan. I asked for the name of the company twice but was not able to understand the caller who spoke with a foreign accent. She said someone would call me but I never heard from anyone.
Mail keeps piling up
I was beginning to get annoyed having to delete so much mail in MailWasher every time I checked mail so I finally cut them off at the pass by setting up filters in WebMail. Within a week I filtered and accumulated 2173 bounce messages that I transferred to a special Hijack folder. I hoped the messages would stop but it got worse as I began receiving them from overseas addresses. I wondered if the traffic was putting a strain on my ISP Always-Online and might even cause them to become blacklisted as a spamming domain.
Changing e-mail address
I hated to change my e-mail address "dave" that I had had for years. Over 900 members were on four e-mail lists I managed and my address was probably in their address books. It also appeared on my numerous web pages but munged with extra characters. I know now that it was a mistake to have ever chosen a common address like dave, because probably every ISP that exists has a valid dave@domain address, as well as a david, daniel, darrell, darnell, etc., which makes it easy for a spammer to create a valid mailing list. My new address is now davew and no spam to that address has occurred yet. The old address is still valid, awaiting Always-Online to delete it which I hope will happen soon because over 100 bounce messages are still arriving daily.