Empire direct hacked or just complete scoundrels?

[flid]

I use a different email address when ever i sign up to anything which technically doesn't exist but gets forwarded to a central one. The reason for doing this is so i can find who has sold my address/is spamming me. Then I can deal with it and block that address.

I have such an address for my empire direct account. It's never had mail sent from it and it's only ever been typed into the empire direct site. Their privacy policy states that they don't sell or pass on your details:

"EmpireDirect.co.uk takes your privacy rights as a customer seriously. This policy outlines the data we collect from our visitors and how we use it.

Any personal information provided to EmpireDirect.co.uk is used solely by Empire Direct plc, The Clock Buildings, Roundhay Rd, Leeds, LS8 2SH. "

So, interested was I when I got a phishing email this evening sent to the address. This means either:

a) empire direct have been hacked and account details stolen - potentially along with passwords and credit card info
b) empire direct sell your account details

Has anyone else who has bought AV stuff from them gotten phishing emails today? The one i got was a fake Natwest one.

[Nick_UK]

Would it be possible that someone has picked an e-mail address at random, and has come up with one of your addresses ?

I have had spammers using my domain in the "from" field of their spam, but the prefixes in front of my domain name are not ones that I ever use.

[flid]

well, i can't deny that it is physically possible, however if that is the case then i'm buying lottery tickets for tomorrow's draw :D

[Lawrenzini]

did the phishing email relate to empire direct, or was it just a standard one?

[Nick_UK]

What spammers often do is to send out blank emails to thousands of random e-mail addresses, and the ones that don't "bounce" can then be counted as live. I thought it was a great idea to have a four-letter domain (so people could remember it easier), but the downside is that it doesn't take many random tries to come up with it.

[I use a different email address when ever i sign up to anything which technically doesn't exist but gets forwarded to a central one

if you need another.(email). if you run out go to www.cyberrights.com for email its anon and part of hushmail

[flid]

As I said the chances of anyone guessing by brute force the email address in question is less than me winning the lottery this weekend. I have my own mail server and a domain that I just use for email. I have a wildcard set so all email @ automatically routes to one address, then I can specify individual addresses to be blocked or routed elsewhere. It's a very efficient way of dealing with spam, provided that your friends aren't complete dumbasses and don't type your personal address into greeting cards sites. The phishing email was a 'natwest' one - nothing to do with empiredirect.

[Nick_UK]

Is your "official" e-mail address on a web page somewhere ?

[flid]

'official' ?

Quote:

Originally Posted by flid

It's never had mail sent from it and it's only ever been typed into the empire direct site.

the only possible explanation for this is that either empire direct were hacked or someone from the company has sold everyone's details

[PmSonic]

Quote:

Originally Posted by flid

'official' ?



the only possible explanation for this is that either empire direct were hacked or someone from the company has sold everyone's details

I disagree, comments made earlier bu Nick_UK suggest that hackers dont need to be sold / steal email addresses to send out span or phishing emails.

I can back this up by using my work email address as an example.

- I've only ever sent internal emails,
- the address isnt published on any of our litrature or on the website,
- i've never used it to register for anything online,
- we're a really small company & i work very closely with the network team so can vouch for the above statements.

Yet, i recieve spam, phishing attacks on a (fairly) regular basis. Oh, yes and its 8 letter .com domain name.

[Steve_P]

There is a 3rd option but I'm guessing it's a remote possibility as you sound pretty IT savvy... Could your own PC have been compromised as opposed to Empire Direct's info server?

S.

[Ian J]

I set my wife up with an NTL email address a couple of years that has never been used by us at all - either for sending emails or for registering details anywhere and she still gets spam

[Strobe]

There was an article which I read somewhere regarding phishing (may have been PC Pro) which stated that the most common method of 'phishing' was to use randomly generated email addresses. Those email domains with common 'tags' such as 'family' or 'home' or common names in the title 'smith', 'jones', etc are likely to get hit by 'phishing' emails more often.
Our standard email account was quite quiet on the spam front until a few months ago and it now seems to have gone ballistic!
I find the standard junk filter in outlook picks 90% of spam and phishing emails.
IE7 Beta 2 also has a 'phishing website' filter as well.

[umbongo]

Flid,

You are not alone.
I do exactly the same as you with regard to using unique email addresses, (we must have been separated at birth )
Since 26th July I have had 6 phishing attempts directed at my empiredirect address. I have not had any such attempts on any other address and since you've had them as well it really looks like somebody is getting these addresses from empiredirect somehow. Also, if people were making up random addresses I would expect to have got a lot of others directed at my domain as would you.
Did you contact empiredirect themselves about this? If so did you get any response? I just hope our CC details are safe with them!

[IronGiant]

Dave