Avast forum careless with emails; complicit in sending viruses

[AlanHK]

I'm not a loonie.

I create a unique email for every forum I join and today I received a virus sent to the email I only used to join this forum.
It was  the usual crap:

Internet banking payment confirmation
Dear Customer
A payment has been made to your account. To view the details of the payment, please open the attached PDF file.

And the file was actually a zipped javascript file.

So either Avast is itself sending me viruses, or the forum was hacked and the logins of members were copied.

Really gives me great confidence in the product.


PS. Just checked my spam folder and found a dozen other spams to the same address since yesterday, with different stories but all with the same payload.

So, thanks a bunch Avast for being so careful with our data.
I've got dozens of different emails for logins on some very dubious sites, but they never send me any illegitimate mail.

[Pondus]

So, thanks a bunch Avast for being so careful with our data.

Well you are wrong, email spoofing is the oldest trick in the book


Mail spoofing  >>  https://en.wikipedia.org/wiki/Email_spoofing

https://www.google.no/webhp?sourceid=chrome-instant&rlz=1C1JZAP_noNO713NO713&ion=1&espv=2&ie=UTF-8#q=mail%20spoofing

https://www.google.no/webhp?sourceid=chrome-instant&rlz=1C1JZAP_noNO713NO713&ion=1&espv=2&ie=UTF-8#q=how%20do%20spammers%20harvest%20email%20addresses

[Eddy]

Just because you received mail on that address doesn't mean the email address was harvested from one of the databases from avast.

[Pondus]

And the file was actually a zipped javascript file.

Upload the attachment to  virustotal.com  /  metadefender.com  /  jotti.org

Then all member there will recive it and add signature if not already detect

[Lotan]

you were a member of avast back in 2013 and in 2014 the avast forums were hacked and data was taken like emails. so thats how spammers would have got your email

[Pondus]

you were a member of avast back in 2013 and in 2014 the avast forums were hacked and data was taken like emails. so thats how spammers would have got your email

Not necessarily. I have a @1337.no  mail account, only exist in Norway and is rare even here.
I have never used that account for anything, so how did the spammers find it   

[Eddy]

Did my random email address generator with brute force A.I. technology really found it Pondus?

[Pondus]

Did my random email address generator with brute force A.I. technology really found it Pondus?

Correct      a old and simple trick, they guessed it.
When i look at the header it is send out to probably hundred different combination of my name and one was correct

[AlanHK]

Just because you received mail on that address doesn't mean the email address was harvested from one of the databases from avast.

Yes it does, if this is the only place I ever use it.
In fact, I have never used the address to send from, and it's been years since it previously received any mail, when I registered at the forum.

The ONLY database that could contain it is here.

If the email provider was hacked, I'd be getting this spam from the hundreds of emails that I use at other forums and for other reasons. But it's ONLY from the address I created for Avast.

Got one more this morning. Again ONLY to the Avast address.

So, thanks a bunch Avast for being so careful with our data.

Well you are wrong, email spoofing is the oldest trick in the book

No. Spoofing has nothing to do with it.
The emails do not purport to be from Avast.
The issue is the TO address (i.e., my unique one only used for Avast), not the FROM address which anyone can fake.
Try reading a post past the subject line before replying.
I'll reword my headline, didn't want to be too verbose since it was all explained in the post, but I guess I went over some people's tl;dr limit.

Did my random email address generator with brute force A.I. technology really found it Pondus?

Correct      a old and simple trick, they guessed it.
When i look at the header it is send out to probably hundred different combination of my name and one was correct

My address is 11 random characters. Would take trillions of tries.


Anyway, I knew I'd get a bunch of people who insisted it was my fault and that I'm a clueless idiot who doesn't know what an email address is. For anyone who isn't an evangelist, take care.

[CraigB]

Anyway, I knew I'd get a bunch of people who insisted it was my fault and that I'm a clueless idiot who doesn't know what an email address is. For anyone who isn't an evangelist, take care.

You got it cya

[RejZoR]

Ever thought the provider you're registering new email with is doing that? I mean, if you're making new emails with it freely for each registration, it means they need some sort of funding to run such free operation. Now, while you haven't posted which provider it is, I can't be excluding that option either.

Not to mention, believing an AV company would intentionally send malware to you via e-mail sounds like the dumbest conspiracy theory you can think off. AV companies have to constantly keep up their reputation with false positives and decisions around marketing of their products not to be too aggressive and you think they'd covertly be distributing malware to its users. Or selling out their e-mails. Hm?

Besides, not sure what's the point of having 5000 different e-mails for 5000 registrations for services. I have one address with GMail. Want to know how many malware I've received in last DECADE? None. Want to know how many spam messages landed in my Inbox in last decade? 2-ish. Maybe. So little I'm not even sure if it was really in this time span. But oh well... ¯\_(ツ)_/¯

Besides, I've seen similar years ago, far before GMail when I registered my first e-mail with my free dialup ISP (they only charged minute impulses, no monthly fee). I haven't used the e-mail anywhere and after some time I started receiving bulk e-mail not even physically addressed to me. Which brings me to my first paragraph. There probably is a connection. Intentional or unintentional by the e-mail/service providers.

[Eddy]

AlanHK,

just because this webboard is the only place where you are using that email address for still doesn't mean the spammer got it from avast.
It is not the only place your email address is stored.

And there is also the option to generate random names for email addresses and send a mail to all of them to see if someone clicks on a link in the mail.
Even when no one would click the link in the mail, the spammer will still know what email addresses exist and which ones not.
If a email address doesn't exist, the mail server will send it back to the sender letting him know.

You can believe it or not, but the fact remains that the email address doesn't have to be taken from one of the databases that avast is using.

I suggest you login to https://my.avast.com and change your email address there.

[Pondus]

My address is 11 random characters. Would take trillions of tries.

A email address generator would make a trillion in minutes and some will work

Posted in 1997 so spammers have improved there  technique today
Spammers hit random addresses  >>  https://www.cnet.com/news/spammers-hit-random-addresses/

John Brogan, chief executive of ReplyNet, thinks he has found a disturbing new trend among junk emailers: sending out mailings to lists full of random email addresses.

He calls it "blind broadcasting," a practice in which spammers make up random email addresses in hopes of hitting upon a few legitimate ones. And he says it is costing his company thousands of dollars per year.

[bob3160]

We need to remember that once a smart person has made up their mind, it's very hard to
get them to see the errors of their ways. After all, they have thought it all through and they must be right even when they are wrong.
Have a blessed Thanksgiving

[AlanHK]

AlanHK,
just because this webboard is the only place where you are using that email address for still doesn't mean the spammer got it from avast.
It is not the only place your email address is stored.

The email provider has a few hundred of my email aliases.
The ONLY ONE that I am getting these spam/viruses from (another half dozen today) is the address I gave to register here.
The only other place this email address is stored is on my PC, and again, it is among hundreds of others.

I have not sent or received via this email since I registered  in 2013.

So: either Avast leaked my email, or someone hacked Sneakemail or my PC, ignored all the other addresses in the same file, and extracted the Avast forum address, an address I have not used for three years.
Which is more likely?

I will trash the address and make a new one; that's why I use these aliases. And because it lets me know exactly who is responsible for any abuse of the address.

But I had hoped that someone here might give a shit.
Instead, you all can only think of how to discredit the facts I've reported.