Cable Forum - View Single Post - NTL: email addresses obtained by spammers?

nedsram · 11-11-2005, 18:40

Over the last two weeks I have received about ten emails. In every case they are sent to a single ntl email customer, and bcc-ed to an unknown number of other ntl email customers. The last one I received was addressed to me. They contain offers of pirated software at knockdown prices (e.g. XP Professional $49.95). They are flagged by NTL as spam, but I have opted to receive "spam" until I am satisfied that there are no "false positives".

I have several concerns about this:

1. It appears that spammers have obtained a list of ntl email addresses. As a result of this I could - if I wished - collect email addresses of other users. In other words I believe that there has been a security breach at NTL. I had a similar problem with tesco.net a few years ago. Naturally they denied that there had been a security breach, even though one of the recipients was their own marketing department.

2. The emails are deliberately dressed up to appear very similar to those sent out by Amazon. They include numerous graphical links to amazon.com. I informed Amazon of this development, together with details of IP addresses, and received the appended reply. (The odds against the email addresses being "randomly generated" is extremely high.)

3. If you are enticed into buying this pirated software, you will be directed to a website hosted in China (I did a whois lookup on the IP address). There you will be directed to a "secure payment" site, also hosted in China, and asked for your credit card details. In other words this is a phishing attempt. The reason they cite for being able to offer the software so cheaply is that it is "only available by download, so no fancy packaging...". Nice try - must do better next time. Note that Amazon require you to log in before accepting orders, and they will normally use credit card details previously registered with your account.

If anybody wants me to post the contents of this email, or anybody from NTL would like a copy forwarded, please let me know.

----------
Amazon response:
Thank you for writing to Amazon.co.uk.

The e-mail you received did not originate from Amazon.co.uk and we
had no part in it or its content. It is not the policy of
Amazon.co.uk nor Amazon.com to request payment card numbers by e-mail
and we would never write to a customer to ask them to do so, as
electronic mail does not provide security.

Please rest assured that we understand your concerns regarding the
e-mail message you received. We are also very concerned about the
implications of this message and the misappropriated use of our name,
and we are currently investigating this situation.

You should not send any information about yourself back to the e-mail
that you received (especially any credit or debit card numbers or
personal information).

Also, please be assured that Amazon.co.uk is not in the business of
selling customer information. Many spammers and spoofers use programs
that randomly generate e-mail addresses, in the hope that some
percentage of these randomly-generated addresses will actually
exist. Further altering the appearance of the sender in e-mail
headers can be a relatively simple process and copying the general
appearance of a website is also simple.

If you encounter any other uses of the Amazon.co.uk or indeed, the
Amazon.com name that you think may be fraudulent, please do not
hesitate to contact us again. The Internet is a large and fairly
unregulated universe; it is only through our constant vigilance and
with the help of others like yourself that we can ensure that our
name is not misappropriated for illegitimate uses.

We hope that we have been able to alleviate your concerns. Thank you
again for alerting us to this situation.

Warmest regards

Rocke W.
Customer Service
Amazon.co.uk
----------

11-11-2005, 18:40	#1
nedsram Inactive Join Date: May 2005 Location: Near Stockport Services: L broadband, XL TV plus Sky Sports and Movies, phone Posts: 42	NTL: email addresses obtained by spammers? Over the last two weeks I have received about ten emails. In every case they are sent to a single ntl email customer, and bcc-ed to an unknown number of other ntl email customers. The last one I received was addressed to me. They contain offers of pirated software at knockdown prices (e.g. XP Professional $49.95). They are flagged by NTL as spam, but I have opted to receive "spam" until I am satisfied that there are no "false positives". I have several concerns about this: 1. It appears that spammers have obtained a list of ntl email addresses. As a result of this I could - if I wished - collect email addresses of other users. In other words I believe that there has been a security breach at NTL. I had a similar problem with tesco.net a few years ago. Naturally they denied that there had been a security breach, even though one of the recipients was their own marketing department. 2. The emails are deliberately dressed up to appear very similar to those sent out by Amazon. They include numerous graphical links to amazon.com. I informed Amazon of this development, together with details of IP addresses, and received the appended reply. (The odds against the email addresses being "randomly generated" is extremely high.) 3. If you are enticed into buying this pirated software, you will be directed to a website hosted in China (I did a whois lookup on the IP address). There you will be directed to a "secure payment" site, also hosted in China, and asked for your credit card details. In other words this is a phishing attempt. The reason they cite for being able to offer the software so cheaply is that it is "only available by download, so no fancy packaging...". Nice try - must do better next time. Note that Amazon require you to log in before accepting orders, and they will normally use credit card details previously registered with your account. If anybody wants me to post the contents of this email, or anybody from NTL would like a copy forwarded, please let me know. ---------- Amazon response: Thank you for writing to Amazon.co.uk. The e-mail you received did not originate from Amazon.co.uk and we had no part in it or its content. It is not the policy of Amazon.co.uk nor Amazon.com to request payment card numbers by e-mail and we would never write to a customer to ask them to do so, as electronic mail does not provide security. Please rest assured that we understand your concerns regarding the e-mail message you received. We are also very concerned about the implications of this message and the misappropriated use of our name, and we are currently investigating this situation. You should not send any information about yourself back to the e-mail that you received (especially any credit or debit card numbers or personal information). Also, please be assured that Amazon.co.uk is not in the business of selling customer information. Many spammers and spoofers use programs that randomly generate e-mail addresses, in the hope that some percentage of these randomly-generated addresses will actually exist. Further altering the appearance of the sender in e-mail headers can be a relatively simple process and copying the general appearance of a website is also simple. If you encounter any other uses of the Amazon.co.uk or indeed, the Amazon.com name that you think may be fraudulent, please do not hesitate to contact us again. The Internet is a large and fairly unregulated universe; it is only through our constant vigilance and with the help of others like yourself that we can ensure that our name is not misappropriated for illegitimate uses. We hope that we have been able to alleviate your concerns. Thank you again for alerting us to this situation. Warmest regards Rocke W. Customer Service Amazon.co.uk ----------