sehh

spam to hidden paypal email

5 posts in this topic

I've got a special email address that I've created just to register with PayPal and never used anywhere else. This email address uses a randomized first part (before the @) so it's impossible to predict or to automatically generate. This email address has received 4-5 emails from PayPal since 2013 when it was first registered, mainly about updating the account details.

BUT

Today it received a spam email, originating from the IP address 23.107.28.79 (mail6.kayfun.vip) about some e-shop selling fake jewellery, directly addressed to my special email address.

 

So what possible theories exist?

1) My Linode.com server has been compromised and the email addresses have been harvested. It runs a pure CentOS 7.3 server, no control panel, just apache, dovecot and postfix.

2) PayPal has been hacked

3) PayPal sells email addresses to spammers

4) My desktop computer has been compromised (runs Fedora Linux, with claws-mail as an email client)

5) Something else? or a combination of the above?

 

Anyone else seen this before? I'd appreciate your suggestions.

Thank you.

 


Did you report the spam to spoof{AT}paypal.com?  Be sure to include the complete email with header and explain the unique email used.

I manage 3 paypal accounts, mine plus 2 for non-profits I work with. None of those emails are as clever as yours.  I have gotten some spam but not much.  If you have only gotten 4-5 emails from PayPal in 3 years you must not use the account often.

However, when you have used your account, part of the information a merchant can receive is the email of the PayPal account. (I see this because the non-profits use PayPal to sell tickets, etc. and receive donations.)  So the "merchants" you paid with PayPal have access to your random email address and they too could have sold it.


No I haven't reported it to paypal, just spamcop at the moment.

This paypal account has been used only once, for a payment to a single person only. So that limits the possible leakage points :)

I was not aware that once you make a paypal payment, the remote party has access to your email address, so I will get in touch with this person first and report the issue, maybe we can pin-point the problem.

Thanks for the info, much appreciated.

 


I use company-specific email addresses and started getting spam to lots of different mailboxes. I realised they couldn't all have simultaneously sold my addresses, and after several weeks of digging I realised that the spammed addresses were all being picked up with imap; none of the pop3 addresses were spammed, so somehow they were able to probe for imap traffic?? (All the addresses were enabled for imap and pop3 at the server, it's how they picked up at the client end.)


It might be a good idea to change your passwords, a.s.a.p. Yahoo has had some data breaches in the last few months.

A couple of the email providers I use have additional options available to help reduce the risk of people snooping. For example, every so often gmail/google sends me a text message before I can login via webmail. Without access to the phone, access to the email account will be more difficult.

Edited by lisati
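For the first theory in the opening post (a compromised mail server running dovecot) and the IMAP observation later in the thread, one check is to audit which remote IPs have logged in to each mailbox. The following is an added example, not code from any poster; the log lines, mailbox names and the trusted network are constructed, and the line format is assumed to be dovecot's standard login logging as found in /var/log/maillog on CentOS.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of dovecot login lines; all addresses are from
# documentation ranges and the mailbox names are made up.
SAMPLE_LOG = """\
Mar  3 08:01:12 mail dovecot: imap-login: Login: user=<pp-x7k2q9>, method=PLAIN, rip=203.0.113.10, lip=192.0.2.5, mpid=2211, TLS, session=<a1>
Mar  3 08:05:40 mail dovecot: pop3-login: Login: user=<shop-alias>, method=PLAIN, rip=203.0.113.10, lip=192.0.2.5, mpid=2230, TLS, session=<a2>
Mar  4 02:17:03 mail dovecot: imap-login: Login: user=<pp-x7k2q9>, method=PLAIN, rip=198.51.100.77, lip=192.0.2.5, mpid=3102, session=<a3>
Mar  4 02:17:09 mail dovecot: imap-login: Disconnected (auth failed, 3 attempts in 6 secs): user=<shop-alias>, method=PLAIN, rip=198.51.100.77, lip=192.0.2.5, session=<a4>
"""

# Matches successful logins and failed-auth disconnects for IMAP and POP3.
LINE_RE = re.compile(
    r"dovecot: (?P<proto>imap|pop3)-login: (?P<event>Login|Disconnected[^:]*): "
    r"user=<(?P<user>[^>]*)>.*?\brip=(?P<rip>[0-9a-fA-F.:]+)"
)

def audit_logins(log_text, trusted_networks):
    """Return {user: [(proto, remote_ip, outcome), ...]} for untrusted sources."""
    trusted = [ipaddress.ip_network(n) for n in trusted_networks]
    findings = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a dovecot login event
        rip = ipaddress.ip_address(m["rip"])
        if any(rip in net for net in trusted):
            continue  # login came from a network the owner uses
        outcome = "success" if m["event"] == "Login" else "failed"
        findings[m["user"]].append((m["proto"], str(rip), outcome))
    return dict(findings)

if __name__ == "__main__":
    # Assumption: the owner's own mail clients connect from 203.0.113.0/24.
    for user, events in audit_logins(SAMPLE_LOG, ["203.0.113.0/24"]).items():
        for proto, rip, outcome in events:
            print(f"{user}: {outcome} {proto} login from untrusted {rip}")
```

A successful login to the dedicated mailbox from an address the owner does not recognise would point towards the server or its credentials rather than towards PayPal or the payee.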
