Did someone gain access to 1Password registration emails?
Comments
-
Same here. The E-Mail I used to register is used only here and only once, so yes, there definately is a breach of security of some kind. Very annoying, since putting that address on a blacklist would defer all legitimate mails from Agile.0
-
Please contact us by e-mail at support@agile.ws with the full messages (headers included) and we'll look further into the situation. Also to be sure we're looking at the correct places are these addresses also signed up for the Agile newsletters or just your software registration?0
-
That's quite odd. I create an email address for every company I do business with, and I haven't received any spam to my agile-related address...0
-
bwoodruff wrote:That's quite odd. I create an email address for every company I do business with
Same here. I own the domain bridgehead.de, so when registering with a company, I just put their name as address in front. Thus, 1password@bridgehead.de tells me exactly, which account has been misused. As would apple@bridgehead.de, omnigraffle@brigehead.de, microsoft_office_mac@bridgehead.de.
I've received two waves of exactly 7 mails each, with a pause of some hours inbetween. Since then, it's quiet again. But fact is, that there *is* somebody using this very unique address to send spam.bwoodruff wrote:...and I haven't received any spam to my agile-related address...
Maybe those data is older and your e-mail is just not in it yet. Or could it be that your spamfilter has already filtered them out? (I'm not using one, since I usually receive no spam... lucky me... :-) )
Maybe it's not the registration database, but the forum software (I am using 1password@bridgehead.de as contact address for my account here as well).
Or it could be the database of some marketing company that has once been given the job to inform us about new products (if those were ever involved).
We'll probably never find out. But still, reporting it is important, for agile might want to find out about any insecurity they might not be aware of, otherwise.0 -
I hadn't made the connection, but I too had the spam pattern others described.
It's an excellent idea to use unique email addresses for registrations. I haven't gone quite that far, but it seems like a good idea, provided you can create an email catchall mailbox.0 -
And while this is looked into, far worse things happen... http://arstechnica.com/apple/news/2010/06/ipad-3g-user-e-mail-addresses-leaked-by-att-servers.ars ;-)0
-
MartyS wrote:Please contact us by e-mail at support@agile.ws with the full messages (headers included) and we'll look further into the situation. Also to be sure we're looking at the correct places are these addresses also signed up for the Agile newsletters or just your software registration?
Just sent an email.0 -
0
-
bwoodruff wrote:That's quite odd. I create an email address for every company I do business with, and I haven't received any spam to my agile-related address...
Neither have I.0 -
maelcum wrote:Same here. I own the domain bridgehead.de, so when registering with a company, I just put their name as address in front. Thus, 1password@bridgehead.de tells me exactly, which account has been misused. As would apple@bridgehead.de, omnigraffle@brigehead.de, microsoft_office_mac@bridgehead.de.
I've received two waves of exactly 7 mails each, with a pause of some hours inbetween. Since then, it's quiet again. But fact is, that there *is* somebody using this very unique address to send spam.
My guess is your address got harvested by a spambot. You just posted 4 emails here in clear text that any bot can find b/c this forum is accessible by the general public. I suspect your Apple and Omnigroup emails will be spammed soon :)0 -
Those emails will all be be flooded with spam now that they are out in public. Welcome to the world of spam email.0
-
dteare wrote:
My guess is your address got harvested by a spambot.
Well... No.
It hadn't been posted anywhere before.
At least give me credit that I checked for that, before I posted here.
But then - what do you care, eh dteare?dteare wrote:
You just posted 4 emails here in clear text that any bot can find b/c this forum is accessible by the general public. I suspect your Apple and Omnigroup emails will be spammed soon
I wouldn't be as stupid as to post those here.
Each has a domain suffix to it. How would I be able to tell amazon.com from amazon.fr from amazon.de?
Thanks so much for trying to make me look stupid. I'm glad techmonkey and MartyS have not brushed it off as lightly as you.
So much for making your guys aware of something that could just as well be a problem on your side.
Good to see how you value your customers experience.
It'll be a lesson to me.
0 -
Spammers can be clever.
If they have the second part of your address it would be easy for them to combine it with a first part such as 1password. The only reason why this is unlikely is that there don't seem to be spams to other first parts.
Incidentally, this ease of getting addresses is a good reason not to use things like 1password, apple, as the first part of the address. At least change it to something like danco1password, dancoapple (I didn't use your name so that no-one can harvest it; I'm not planning to use this kind of address myself).
If there had been a real breach of security on agile's part, one would expect many more people getting spam.0 -
danco wrote:
If there had been a real breach of security on agile's part, one would expect many more people getting spam.
And reporting it, as I definitely would have if it happened to me.
Awhile ago I reported an ongoing problem with legitimate AWS mailings being mistaken as spam. X-Spam-* headers from one of those messages about a week ago:X-Spam-Score: 9.8 X-Spam-Check: Enabled,6.0,13.0,1,1,42,1,0,0,1,0,0,0,0,[SPAM], X-Spam-Status: Yes, score=9.8 threshold=6.0,13.0 X-Spam-Sys-BayesResult: No, 0.002560 X-Spam-Report: Content analysis details: 4.1 ENV_FROM_SPAMSOURCES RBL: Envelope sender listed in spamsources.mxes.net 4.1 URIBL_SPAMSOURCES Contains an URL listed in the spamsources.mxes.net blocklist [URIs: streamsend.com] 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image area 4.1 RCVD_IN_SPAMSOURCES Received via a relay in spamsources.mxes.net -2.5 SYSTEM_BAYES 0.002560 X-Spam-Flag: Yes X-Spam-Junkmail: Yes X-Spam-Scoring: 12,3
0 -
maelcum wrote:
Thanks so much for trying to make me look stupid.
This was certainly not my intent. I'm sorry my post came off that way. It is very hard to communicate emotions here.danco wrote:If there had been a real breach of security on agile's part, one would expect many more people getting spam.
This was my feeling as well.sjk wrote:Awhile ago I reported an ongoing problem with legitimate AWS mailings being mistaken as spam. X-Spam-* headers from one of those messages about a week ago
Thanks for the report sjk!
We switched newsletter providers about 6 months ago. I think we'll try the old one again; they are more expensive but I think they did a better job in this regard. Please let us know if the next newsletter gets flagged as spam again.0
This discussion has been closed.