|I get spam to my Webmaster World email address.|
| 10:40 pm on May 8, 2014 (gmt 0)|
I get quite regular spam emails to the email address I use at Webmaster World. I have only ever used this email address at WebmasterWorld, which has never been published anywhere. I have never even sent an email from this address. The domain in my profile is unrelated to my email address.
So... where, what, how, when?
| 8:23 am on May 9, 2014 (gmt 0)|
Sorry to hear that.
I've had spam sent to just about every e-mail address created, and, when a catch-all is set to receive, I get e-mail to addresses that don't exist.
With so many e-mail spammers getting desperate for new addresses, it's no wonder that they may have hit on yours by pure chance.
| 10:58 am on May 9, 2014 (gmt 0)|
I gave up on a catch-all address on an old personal account as it was just flooded with messages to firstname.lastname@example.org
| 2:39 pm on May 9, 2014 (gmt 0)|
WebmasterWorld email is squeaky clean to the best of my knowledge.
Where is the email address hosted?
If you're using any service like gmail, yahoo, etc. they are regularly exposed as I get spam to emails never used except to certain places when it's hosted on those services.
Additionally, if the email address shows up in your contact list and that list gets exposed to facebook, SPAM! I got spam in my primary mailbox recently from my daughter's name, but it was her facebook name.
Also, if your server's email account directory on the server is open for others to view, they'll get it.
Last but not least, if your email is hosted on a shared hosting service, not your own dedicated platform, the odds are it has been exposed there as shared hosting is the biggest security problem around.
Hope that gives you some clues of where to look and if I helped you spot it, please let me know which one it was.
P.S. since we're webmasterworld often people use email addresses like "email@example.com" and spammers often send blind spam to hostmaster@, webmaster@, sales@, support@, info@, etc. looking for accounts so anyone using webmaster@ is a prime target for those times of email probes.
| 5:07 pm on May 11, 2014 (gmt 0)|
Just as a datapoint:
I use use catchall (wildcard) email on my domain,
and I do not see any spam directed at my targeted
Webmaster World email addy -- going on nearly 4 years now.
| 9:36 am on May 13, 2014 (gmt 0)|
Thanks for your replies.
Well, who knows... maybe it was a lucky guess, or maybe it was snooped whilst in transit?
This address used to be part of a "catch-all" some years ago, although it is now a "forward" with a different host. I was a bit dubious of the previous (shared) host's security after my plain old HTML-only site got hacked. This particular spam is not a recent thing.
I do pick up my email through Gmail (as an email-client), but this is not a Gmail address. Gmail does a great job of filtering out the spam. In fact, all these "spam" messages are correctly filtered out as spam, whilst I receive all the legitimate notifications to my inbox.
I've never shared my contact list on a social network. (This address is not in my contact list anyway - just checked.)
@Jonesy, a "catch-all" shouldn't increase the chances of getting spam at "your-targeted-address"@example.com, however, because "some-random-address"@example.com is now a valid address you just end up getting a whole lot more spam in general. Catch-all's are strongly discouraged these days for that very reason and some shared hosts actively block it - unnecessary load on mailserver etc.