Spam received at forum address

I'm just writing to let people know I have received spam addressed to me at the unique address I used to register for this forum, so it appears data has leaked from the forum accounts database into the hands of spammers.
 
Your email address appears to be used for other purposes, like maybe the FreeBSD bug reporting system? Other than that, your email address may also have leaked from compromised email servers or stores, syslog servers, unencrypted remote syslogging, proxy/cache servers, address books, password stores, or backups.
 
Sorry, yes, I would also use it for other contacts with FreeBSD systems. Perhaps I was being over-specific in saying the forum. It could also have leaked from other parts of the FreeBSD infrastructure. The prospect of it being harvested in transit from a compromised relay is rather a worrying thought, but in this world I suppose there could be such as well. However, I thought it was something worth flagging up so others can take precautions if they see fit. I have changed my password as well.
 
I am looking into the system, but can see no evidence of access to the (jailed) databases, either directly or through XSS or other traversal exploits. Everything is up-to-date, and we do run a pretty tight ship, access-wise. Also: 2FA is available on the forums, feel free to use that too (via e.g. Google Authenticator).
 
https://haveibeenpwned.com/ can check emails, websites and other online accounts for posted/pasted compromises.

I checked freebsd.org and forums.freebsd.org, and nothing turned up. It doesn't mean there's no compromise, it just means potential compromises weren't found to be shared.
 
I think kjpetrie did not refer to his account being breached or his password being exposed (though activating 2FA is usually a good idea); simple email addresses can pop up in numerous places, no matter how unique they are. One open directory or a world-readable syslog store is enough -- and stuff pops up in transit in several places, e.g. when you have configured your account to email you about a watched thread or other events. Spammers are constantly scanning for those, and they're surprisingly common.
 
I just checked the box I registered from and there was no sign of spam or nasty notes from INTERPOL. Only notices of new replies to watched threads like it should be.
 
Sorry for a late response but I would like to warn you guys about sites such as https://haveibeenpwned.com.

I don't trust those kinds of websites and quite frankly can't help but wonder if they aren't doing their own share of data collection as well. Thing is: I've tried a few of those websites by entering fake addresses. And several alarm bells rang because I was sure in trouble. Yeah right.
 
Sorry for a late response but I would like to warn you guys about sites such as https://haveibeenpwned.com.

I don't trust those kinds of websites and quite frankly can't help but wonder if they aren't doing their own share of data collection as well. Thing is: I've tried a few of those websites by entering fake addresses. And several alarm bells rang because I was sure in trouble. Yeah right.
Maybe they do collect data, like major websites do, but it's suggested from reputable sources.
 
Sorry for a late response but I would like to warn you guys about sites such as https://haveibeenpwned.com.

I don't trust those kinds of websites and quite frankly can't help but wonder if they aren't doing their own share of data collection as well.

It's the ones where you enter your password to see if it is sufficiently complex that you want to avoid, as those passwords are thought to find their way into cracker databases.
 