Avast server compromised ?

system · 2017-04-10T08:27:15.000Z

Hi all,
I use a particular email address that is only used for logging into Avast. I must stress it is ONLY used for Avast. I have other email addresses that are only used for specific purposes such as Dropbox, Paypal, eBay, Facebook etc - all are unique.

This morning I started receiving junk mail (spam) sent specifically to the address used for Avast.
I have previously received spam for a couple of my other addresses for specific small supplier websites, also my old Dropbox address which are now all set as spam. When I bother to check they (more or less) all get the same spam.

What I am concerned about is that the Avast specific address has now been compromised just days after renewing my IS licence. None of the other email addresses I have used recently with suppliers or for logging into websites is getting this spam (from goksteel@goksteel.com) .

Any thoughts or comments?

Eddy · 2017-04-10T08:32:20.000Z

They generate random email addresses, get them out of (illegal) listings and such.
It doesn’t matter what you are using a email address for or at what provider, sooner or later there will be spam sent to it.

system · 2017-04-10T08:47:06.000Z

Hmm I disagree.
I own several domains and use sacrificial addresses for small or new suppliers and unique addresses for long term suppliers.
These addresses are forwarded onto my actual email addresses.

So maybe I would use my.sws.bk@mydomain.co.uk for my Swiss Bank Ltd account (yeah I really have one - Not).
This junk is targeted specifically at the my.avast.acc@mydomain.co.uk (not the address I actually use) but you get the picture.

Its not a lucky guess or randomly generated.
Anyone getting this ?

Asyn · 2017-04-10T08:54:51.000Z

a-tech post:3:

This junk is targeted specifically at the my.avast.acc@mydomain.co.uk (not the address I actually use) but you get the picture.
Its not a lucky guess or randomly generated.

Well, to be honest, your username for your avast email isn’t really tricky.

Eddy · 2017-04-10T08:57:18.000Z

You don’t have to agree but that doesn’t change the fact as I stated.

system · 2017-04-10T08:57:34.000Z

duh I did say that my.avast.acc@mydomain.co.uk is not the actual address I use for my Avast account.
:o

Asyn · 2017-04-10T08:59:34.000Z

a-tech post:6:

duh I did say that my.avast.acc@mydomain.co.uk is not the actual address I use for my Avast account.
:o

Yes, I know.

Pondus · 2017-04-10T09:32:55.000Z

Have i been pwned >> https://haveibeenpwned.com/

pwned websites >> https://haveibeenpwned.com/PwnedWebsites

How Do Spammers Get Your Email Address?
https://www.howtogeek.com/180477/htg-explains-how-do-spammers-get-your-email-address/

Guessing Email Addresses
http://www.bustspammers.com/guess-email-address.html

[b]What About Wrong Guesses?[/b]
What about them? Nothing! It’s not like it costs anything to send another email. Or another 10,000 emails. So what, if most of them go to non-existing addresses? And since the From address is always faked, the bounces will not flood the spammers own computer, but some innocent victim whose email address had been used in the From field.

moroni · 2017-04-10T10:36:08.000Z

Or maybe because of https://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/ ?

system · 2017-04-13T08:06:59.000Z

moroni post:9:

Or maybe because of https://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/ ?

That is possible but I would have expected some spam to the particular address I used at that time, as it was in 2014.
No this is a new episode which is why I was wondering if anyone else was getting spam thrown at a particular address they use for logging into Avast. ?

I am not interested in responses that go on about all email addresses get compromised in the end. If it was the ISPs that were compromised I would see the actual ISP email addresses being used - which I am not. The only website I have used with this particular address are used by Avast. So if the email was scrapped from a website it would be an Avast website.

If people are not interested in an early warning then fine I have spoken up and said my piece, its up to you all to judge what I have said and make your own arrangements.

Asyn · 2017-04-13T08:09:14.000Z

a-tech post:10:

No this is a new episode which is why I was wondering if anyone else was getting spam thrown at a particular address they use for logging into Avast. ?

No such spam issues here. Cheers.

Announcements