dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3423
share rss forum feed


thirteenone

@netvision.net.il

how did these sites get my info....wow i am shocked

hi,

last night i was looking to buy an old version of an adobe software product that i need. so i typed into google search and a bunch of OEM software sites came up. i clicked on about 3 links but did not enter any info, just browsed for a few seconds then closed. this morning i open my email and i have about 10 emails for OEM software in my inbox. i cannot believe this, i am absolutely shocked. how did these guys get my private email address (its a private email, i.e noy google. yahoo etc...), i performed no action on their sites, only browsed for a few seconds. i use avast pro and spybot....how did this happen.


dib22

join:2002-01-27
Kansas City, MO

1 recommendation

Were you logged into facebook?
Expand your moderator at work


norwegian
Premium
join:2005-02-15
Outback

1 recommendation

reply to thirteenone

Re: how did these sites get my info....wow i am shocked


It's called data mining, and it happens a lot. Most people just click happily away not knowing that it is all being collected.

The Internet is still learning to spell Privacy.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke


packets

join:2013-03-18
Holly Springs, NC

1 edit

1 recommendation

reply to thirteenone
said by thirteenone :

hi,

last night i was looking to buy an old version of an adobe software product that i need. so i typed into google search and a bunch of OEM software sites came up. i clicked on about 3 links but did not enter any info, just browsed for a few seconds then closed. this morning i open my email and i have about 10 emails for OEM software in my inbox. i cannot believe this, i am absolutely shocked. how did these guys get my private email address (its a private email, i.e noy google. yahoo etc...), i performed no action on their sites, only browsed for a few seconds. i use avast pro and spybot....how did this happen.

Really, you're shocked? Hmm...Acknowledge the complete power that is Google, get angry, and begin using a different search engine (e.g., www.startpage.com) for your future searches...

PX Eliezer
Premium
join:2013-03-10
Graustark
kudos:7
Reviews:
·Optimum Voice
·callwithus
·Callcentric

2 recommendations

reply to thirteenone
said by thirteenone :

hi,

last night i was looking to buy an old version of an adobe software product that i need. so i typed into google search....

.....how did this happen.

That's how.

That's their business model.

As was said, a search engine that protects your privacy much more is:
»startpage.com/

From the same company, but one that uses more input sources:
»ixquick.com/

Another good one:
»duckduckgo.com/

------------------

Company background on the first two:
»ixquick.com/eng/company-background.html

Company background on DuckDuckGo:
»help.duckduckgo.com/customer/por···-history

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS

6 recommendations

reply to thirteenone
But no replies here have explained how it is that the email address (not gmail, not typed on the web sites) was discovered.

I search for stuff in google. I buy things online. And yet somehow I have never had the experience that the OP has had. So it's not explicable by simply saying "google does data mining".


norwegian
Premium
join:2005-02-15
Outback

2 recommendations

Javascript. Who knows what sites were referenced, and yes even Facebook captures user history of sites not linked to them, and email addresses are known if a user is set to public.

The other possibility is of logging the IP address of the visitor to the site and then a bot sends email out to to the block of IP's and if it's a standard Peter, John, Paul or Mary email address of the ISP's block of addresses.

Logged into a Google Acct, synced? You don't need a Google email address if you use your private email online.

You may have used your email address in a previous web page and user history, user referrers, CSS, XSS etc.

Probably a good place to start:
»en.wikipedia.org/wiki/Email_addr···rvesting
»www.faqs.org/faqs/net-abuse-faq/harvest/

--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3
Reviews:
·Frontier Communi..

2 recommendations

reply to thirteenone
Perhaps it would help if there were more specific details provided...
1. What is your browser & version?
2. How do you access your email (an online ISP web portal or downloaded by an email browser on your system)?
3. Do you use Google Toolbar?
4. Was JavaScript in use by the browser when visiting the OEM sites just prior to the emails?
5. Had the browser been turned off prior to browsing to the OEM sites, or had it been left on from previous usage/sessions? Did such previous usage include the input of email address to some other site?
6. Had you done any previous online searches for the same kind of software before the session that seemed to trigger the eMails?
7. Is your email address rather obfuscated (hard to guess) or is it of simple construction? (eg: is it something along the lines of 87bkp5u@isp.com or instead perhaps like lastname@isp.com?)
8. When was the last time you did a full system scan using your anti-malware tools prior to the email arrivals?
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:12
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to norwegian
said by norwegian:

The other possibility is of logging the IP address of the visitor to the site and then a bot sends email out to to the block of IP's and if it's a standard Peter, John, Paul or Mary email address of the ISP's block of addresses.

How does this work? If you know my IP address, how will you blindly find my e-mail address?

Okay; I understand if you know I accessed your site from [64.174.91.254], you can run a reverse lookup and find, 'adsl-64-174-91-254.dsl.sntc01.pacbell.net'. From which you can deduce that my e-mail address ends in, '@pacbell.net'. But you still don't know if my email address user name bears some resemblance to any name I plugged into your site.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


John Galt
Forward, March
Premium
join:2004-09-30
Happy Camp
kudos:8

2 recommendations

reply to thirteenone
Many companies sell email addresses as a normal part of their operations.

Most people have a disposable email address that they use for things such as shopping and such...to avoid this kind of problem.

ctggzg
Premium
join:2005-02-11
USA
kudos:2
reply to norwegian
said by norwegian:

The Internet is still learning to spell Privacy.

And some people still haven't realized that there's nothing about a right to privacy in the Constitution. Nor is an email address sacred.


DrModem
Trust Your Doctor
Premium
join:2006-10-19
USA
kudos:1

3 edits

2 recommendations

reply to NormanS
said by NormanS:

said by norwegian:

The other possibility is of logging the IP address of the visitor to the site and then a bot sends email out to to the block of IP's and if it's a standard Peter, John, Paul or Mary email address of the ISP's block of addresses.

How does this work? If you know my IP address, how will you blindly find my e-mail address?

Okay; I understand if you know I accessed your site from [64.174.91.254], you can run a reverse lookup and find, 'adsl-64-174-91-254.dsl.sntc01.pacbell.net'. From which you can deduce that my e-mail address ends in, '@pacbell.net'. But you still don't know if my email address user name bears some resemblance to any name I plugged into your site.

Because that's not how it's happening.

Probably you have an account with and are logged into some site that is tracking your web activity with a cookie (Thus how they can pair the email with the web activity) and then selling your email address and search history to third parties who are sending interest based spam. It's not google because they don't do that (You can read their privacy policy, it says so, unless you have reason to believe they are lying).

You should look at the privacy policies of sites you log into(Somewhere in all the legalese they should say whether or not they sell info to third parties) and maybe clean out your cookies/cache.


Xioden
Premium
join:2008-06-10
Monticello, NY
kudos:1

1 recommendation

reply to PX Eliezer
said by PX Eliezer:

said by thirteenone :

hi,

last night i was looking to buy an old version of an adobe software product that i need. so i typed into google search....

.....how did this happen.

That's how.

That's their business model.

Except that isn't Google's Business model. You would begin to see Google ads related to your searches. You would not receive emails from advertisers as Google doesn't sell email addresses in the first place. OP would however be pretty likely to see Adobe OEM related ads in GMail (but not as actual emails).


DrModem
Trust Your Doctor
Premium
join:2006-10-19
USA
kudos:1
Since google runs it's own ad network it has a vested interest in keeping that info to itself.

Otherwise it would be like walmart letting target use it's supply chain.

pandora
Premium
join:2001-06-01
Outland
kudos:2
Reviews:
·ooma
·Google Voice
·Comcast
·Future Nine Corp..

1 recommendation

reply to thirteenone
Google analytics uses JavaScript and urchins to follow you from site to site. Other companies use similar software. It is likely your computer has a unique accessible identifier of some sort that allows you to be tracked even without cookies.

If you are logged into facebook or google, tracking you is very easy.
--
Congress could mess up a one piece jigsaw puzzle.


Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
kudos:13
reply to norwegian

 

quote:
It's called data mining, and it happens a lot. Most people just click happily away not knowing that it is all being collected
Yes and its quite disturbing!! -- Many ppl dont care its hapening which is quite sad!


jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
Reviews:
·Cox HSI
·Speakeasy

1 recommendation

reply to norwegian

Re: how did these sites get my info....wow i am shocked

said by norwegian:

It's called data mining, and it happens a lot. Most people just click happily away not knowing that it is all being collected.

The Internet is still learning does not know how to spell Privacy.


dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
reply to norwegian
said by norwegian:

The Internet is still learning to spell Privacy.

Indeed.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:12
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to DrModem
said by DrModem:

Because that's not how it's happening.

That is exactly what norwegian See Profile says is a possibility:
quote:
The other possibility is of logging the IP address of the visitor to the site and then a bot sends email out to to the block of IP's and if it's a standard Peter, John, Paul or Mary email address of the ISP's block of addresses.

So how does that possibility work?

Here is one way I think could work:

Autofill in Opera.

But does anybody actually fill out their browser with "Auto-complete" data any more? Especially using a "Private" e-mail address?

And, in any case, by obtaining the e-mail address from a browser "auto-fill" database doesn't require a blind send to a random name at a block of IP addresses.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

nonymous
Premium
join:2003-09-08
Glendale, AZ
reply to packets
said by packets:

said by thirteenone :

hi,

last night i was looking to buy an old version of an adobe software product that i need. so i typed into google search and a bunch of OEM software sites came up. i clicked on about 3 links but did not enter any info, just browsed for a few seconds then closed. this morning i open my email and i have about 10 emails for OEM software in my inbox. i cannot believe this, i am absolutely shocked. how did these guys get my private email address (its a private email, i.e noy google. yahoo etc...), i performed no action on their sites, only browsed for a few seconds. i use avast pro and spybot....how did this happen.

Really, you're shocked? Hmm...Acknowledge the complete power that is Google, get angry, and begin using a different search engine (e.g., www.startpage.com) for your future searches...

You just need not to be logged in to a google account.


Faster
Premium
join:2013-03-09
reply to thirteenone
Between the Internet and Smartphones and a few other technological innovations of the past 10 years there is no longer any privacy and there is nothing you can do about it if you use those mediums.

The best you can do is mitigate or limit the damage plus ID some of the sources or methods on how the info was collected.


DrModem
Trust Your Doctor
Premium
join:2006-10-19
USA
kudos:1
reply to NormanS
If something is stealing your autofill data, then you have some malware on the computer, it's not a website doing it.

As far as the random IP block email carpet bomb... it may be possible seems too clunky for anyone to actually implement.


La Luna
RIP Lisa
Premium
join:2001-07-12
Warwick, NY
kudos:3
reply to thirteenone
Wonder where to OP went. It would be nice to have more specific info. Is this even possible as described?

Hmmm....


norwegian
Premium
join:2005-02-15
Outback
reply to NormanS
said by NormanS:

said by norwegian:

The other possibility is of logging the IP address of the visitor to the site and then a bot sends email out to to the block of IP's and if it's a standard Peter, John, Paul or Mary email address of the ISP's block of addresses.

How does this work? If you know my IP address, how will you blindly find my e-mail address?

Okay; I understand if you know I accessed your site from [64.174.91.254], you can run a reverse lookup and find, 'adsl-64-174-91-254.dsl.sntc01.pacbell.net'. From which you can deduce that my e-mail address ends in, '@pacbell.net'. But you still don't know if my email address user name bears some resemblance to any name I plugged into your site.

Generic listings, similar to password lists.
I am generalizing and for all we know, the emails may be spoofed and not directed specifically at the user either as well. But if the bot picks up a visitor the generic listings maybe added to the reverse lookup for deducing the ISP.
I'm sure a bot can do as you just did and more with a SQL database of helpful goodies to work with the hit it received.
Anyway this is still a very generalized topic, nothing like sites, email headers or anything else has been provided to be specifically helpful as to what happened.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



humanfilth

join:2013-02-14
cyber gutter
reply to thirteenone
A quick Google search shows this happens occasionally.

I remember once when I forgot to log out a yahoo mail account. The next site I went to, I left a reply in the comment section(it looked like it was anon posts) and I click post and it thanks the name that is on my yahoo email account(site has one of those deals with Yahoo for comments bullshit). No nefarious emails from it, but that is why my browsers delete cookies and history on exit and I don't accept third party cookies.
No auto fill and no automatic password entry.
I close the browser enough to clear tracking cookies.

Last time I looked at Internet Exploders cookie files(I delete them on exit too, but I very rarely use IE) it fills up with tons of crap cookies. Even when I don't use IE, due to hooks from other Microsoft programs(Skype, media player, etc).
Just deleted about a dozen and had not opened IE on this system in months.

Heck knows with OP's email being scraped. Maybe he had entered his email address on some site(or his login is via a emailaddress and not user name) and a poorly coded open cookie got placed for some reason and that cookie got stolen.
»en.wikipedia.org/wiki/HTTP_cooki···ie_theft


norwegian
Premium
join:2005-02-15
Outback
reply to DrModem
said by DrModem:

Because that's not how it's happening.

Probably you have an account with and are logged into some site that is tracking your web activity with a cookie (Thus how they can pair the email with the web activity) and then selling your email address and search history to third parties who are sending interest based spam. It's not google because they don't do that (You can read their privacy policy, it says so, unless you have reason to believe they are lying).

You should look at the privacy policies of sites you log into(Somewhere in all the legalese they should say whether or not they sell info to third parties) and maybe clean out your cookies/cache.

I'd gather another site was in the user history or cache, or still logged into a very public social site that lists your email by default etc, CSS or XSS or similar, and javascript as well.

My initial list was a general look at what could be created once you click on sites and visit them. Until you visit, there is nothing, once visited, there can be a multitude of options......
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



norwegian
Premium
join:2005-02-15
Outback
reply to humanfilth
said by humanfilth:

No nefarious emails from it, but that is why my browsers delete cookies and history on exit and I don't accept third party cookies.
No auto fill and no automatic password entry.
I close the browser enough to clear tracking cookies.

That is a start, and as everyone points out, script protection.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke


scross

join:2002-09-13
Cordova, TN
reply to humanfilth
Yahoo claims that people forgetting to log out of their email accounts is one of the main ways that these accounts get compromised - by behind-the-scenes, drive-by attacks on logged-in accounts which happen while you continue to surf the web. Maybe so, but I remember that not too long ago Yahoo was conscientious (maybe a little too aggressive, even) in forcing log-outs after some period of inactivity. They seem to not be doing this any longer (or maybe there is just a setting somewhere that I need to check), so these days I have to be careful about logging myself out.


La Luna
RIP Lisa
Premium
join:2001-07-12
Warwick, NY
kudos:3

1 recommendation

The OP stated it's not a Yahoo (or any webmail) account. Which is why I'm questioning how this could happen as he/she described, just from a google search/opening a few links. If that were the case, it would be happening to all of us, and it's not.

More info is needed, but it's not happening.