Author Topic: Avast server compromised ?  (Read 2259 times)

0 Members and 1 Guest are viewing this topic.

Offline a-tech

  • Jr. Member
  • **
  • Posts: 25
Avast server compromised ?
« on: April 10, 2017, 10:27:15 AM »
Hi all,
I use a particular email address that is only used for logging into Avast. I must stress it is ONLY used for Avast. I have other email addresses that are only used for specific purposes such as Dropbox, Paypal, eBay, Facebook etc - all are unique.

This morning I started receiving junk mail (spam) sent specifically to the address used for Avast.
I have previously received spam for a couple of my other addresses for specific small supplier websites, also my old Dropbox address which are now all set as spam. When I bother to check they (more or less) all get the same spam.

What I am concerned about is that the Avast specific address has now been compromised just days after renewing my IS licence. None of the other email addresses I have used recently with suppliers or for logging into websites is getting this spam (from goksteel@goksteel.com) .

Any thoughts or comments?


Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31301
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast server compromised ?
« Reply #1 on: April 10, 2017, 10:32:20 AM »
They generate random email addresses, get them out of (illegal) listings and such.
It doesn't matter what you are using a email address for or at what provider, sooner or later there will be spam sent to it.

Offline a-tech

  • Jr. Member
  • **
  • Posts: 25
Re: Avast server compromised ?
« Reply #2 on: April 10, 2017, 10:47:06 AM »
Hmm I disagree.
I own several domains and use sacrificial addresses for small or new suppliers and unique addresses for long term suppliers.
These addresses are forwarded onto my actual email addresses.

So maybe I would use my.sws.bk@mydomain.co.uk for my Swiss Bank Ltd account (yeah I really have one - Not).
This junk is targeted specifically at the my.avast.acc@mydomain.co.uk (not the address I actually use) but you get the picture.

Its not a lucky guess or randomly generated.
Anyone getting this ?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72823
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Avast server compromised ?
« Reply #3 on: April 10, 2017, 10:54:51 AM »
This junk is targeted specifically at the my.avast.acc@mydomain.co.uk (not the address I actually use) but you get the picture.
Its not a lucky guess or randomly generated.
Well, to be honest, your username for your avast email isn't really tricky. ;)
Win 8.1 [x64] - Avast PremSec 21.10.6772.IBC [UI.679] - EEK - Firefox ESR 91.3 [NS/uBO/PB] - TB 91.3.2
Avast-Tools: Secure Browser 96.0 - Cleanup 21.3 - SecureLine 5.14 - Driver Updater 21.3 - CCleaner 5.87
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31301
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Avast server compromised ?
« Reply #4 on: April 10, 2017, 10:57:18 AM »
You don't have to agree but that doesn't change the fact as I stated.

Offline a-tech

  • Jr. Member
  • **
  • Posts: 25
Re: Avast server compromised ?
« Reply #5 on: April 10, 2017, 10:57:34 AM »
duh I did say that my.avast.acc@mydomain.co.uk is not the actual address I use for my Avast account.
 :o

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72823
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Avast server compromised ?
« Reply #6 on: April 10, 2017, 10:59:34 AM »
duh I did say that my.avast.acc@mydomain.co.uk is not the actual address I use for my Avast account.
 :o
Yes, I know.
Win 8.1 [x64] - Avast PremSec 21.10.6772.IBC [UI.679] - EEK - Firefox ESR 91.3 [NS/uBO/PB] - TB 91.3.2
Avast-Tools: Secure Browser 96.0 - Cleanup 21.3 - SecureLine 5.14 - Driver Updater 21.3 - CCleaner 5.87
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37129
Re: Avast server compromised ?
« Reply #7 on: April 10, 2017, 11:32:55 AM »
Have i been pwned  >>  https://haveibeenpwned.com/

pwned websites  >>  https://haveibeenpwned.com/PwnedWebsites

How Do Spammers Get Your Email Address?
https://www.howtogeek.com/180477/htg-explains-how-do-spammers-get-your-email-address/

Guessing Email Addresses
http://www.bustspammers.com/guess-email-address.html



Quote
What About Wrong Guesses?

What about them? Nothing! It’s not like it costs anything to send another email. Or another 10,000 emails. So what, if most of them go to non-existing addresses? And since the From address is always faked, the bounces will not flood the spammers own computer, but some innocent victim whose email address had been used in the From field.



« Last Edit: April 10, 2017, 11:44:11 AM by Pondus »

Offline moroni

  • Avast team
  • Poster
  • *
  • Posts: 632
Re: Avast server compromised ?
« Reply #8 on: April 10, 2017, 12:36:08 PM »

Offline a-tech

  • Jr. Member
  • **
  • Posts: 25
Re: Avast server compromised ?
« Reply #9 on: April 13, 2017, 10:06:59 AM »
Or maybe because of https://blog.avast.com/2014/05/26/avast-forum-offline-due-to-attack/ ?

That is possible but I would have expected some spam to the particular address I used at that time, as it was in 2014.
No this is a new episode which is why I was wondering if anyone else was getting spam thrown at a particular address they use for logging into Avast. ?

I am not interested in responses that go on about all email addresses get compromised in the end. If it was the ISPs that were compromised I would see the actual ISP email addresses being used - which I am not. The only website I have used with this particular address are used by Avast. So if the email was scrapped from a website it would be an Avast website.

If people are not interested in an early warning then fine I have spoken up and said my piece, its up to you all to judge what I have said and make your own arrangements.


Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72823
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Avast server compromised ?
« Reply #10 on: April 13, 2017, 10:09:14 AM »
No this is a new episode which is why I was wondering if anyone else was getting spam thrown at a particular address they use for logging into Avast. ?
No such spam issues here. Cheers.
Win 8.1 [x64] - Avast PremSec 21.10.6772.IBC [UI.679] - EEK - Firefox ESR 91.3 [NS/uBO/PB] - TB 91.3.2
Avast-Tools: Secure Browser 96.0 - Cleanup 21.3 - SecureLine 5.14 - Driver Updater 21.3 - CCleaner 5.87
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0