Sorry for resurrecting Ye Olde Thread mostly just to add ...
and check out the
but a specific e-mail address which is used SOLELY for this site/forum on a PN account that didn't even exist at the time of the primary PN e-mail hack has today received spam for the very first time.
The (now apparently compromised) PN A/C was set up some time after PN managed to release email details for all of my F9 and PN A/Cs to one or more 3rd parties in 2007. As far as I'm concerned, this data can only have been obtained via PN/PUG because I just can't see how there can be any other plausible source. It quite simply doesn't exist anywhere else and hasn't seen any spam to date despite further alleged PN data breaches subsequent to the well known about event in 2007.
Although PN wrecked all of my long-standing A/Cs by releasing data and they continue to get regularly spammed to death, the spam received is still being fully monitored. I am well aware of the alleged breach in Nov 2014 as it was immediately obvious from my monitoring that additional specific data had been compromised despite all the PN denials various. However, this specific PUG e-mail address and/or this specific PN A/C wasn't affected then and hasn't been affected at any time to date either. It seems that this shiny new spam is not being seen on any other e-mail address on any other PN/F9 A/C whether previously compromised or otherwise ... just the one specific address on the one specific PN A/C that has only ever been used here.
Delayed reaction to one or more of the previous PN hacks or is anyone else seeing shiny new e-mail abuse ?EDIT:
More info and an examplepug@My_PN_Account2.plus.com
didn't exist until December 2007 (A/C My_PN_Account2.plus.com was registered around June 2007) and the address was only really in occasional use during 2008 in any case. Primarily thread reply notifications early/mid 2008 plus just a few random PMs late 2008. There have only ever been 132 PUG messages received with the very last genuine message being in January 2009.
Received: from spooler by mail.My_PN_Account.plus.com (Mercury/32 v4.72); 20 Feb 2017 08:07:46 -0000
Received: from POP3D by mail.My_PN_Account.plus.com with MercuryD (v4.72); 20 Feb 2017 08:07:39 -0000
Delivery-date: Mon, 20 Feb 2017 08:05:43 +0000
Received: from [22.214.171.124] (helo=avasin06.plus.net)
by inmx18.plus.net with esmtp (PlusNet MXCore v2.00) id 1cfiyd-000549-9d
for pug@My_PN_Account2.plus.com; Mon, 20 Feb 2017 08:05:43 +0000
Received: from [126.96.36.199] ([188.8.131.52])
by avasin06.plus.net with Plusnet Cloudmark Gateway
id mw5f1u0084K1Gds01w5iAL; Mon, 20 Feb 2017 08:05:43 +0000
X-CNFS-Analysis: v=2.2 cv=Bb2o6vl2 c=1 sm=1 tr=0
p=RTk0eHZ2DrJlZPA3llzyDg==:17 p=a-0_99mXpksmAfr0s-EA:9 p=y3TWnlBEAAAA:8
p=zLQcBLSSKIrqbsZe:21 a=RTk0eHZ2DrJlZPA3llzyDg==:117 a=r77TgQKjGQsHNAKrUKIA:9
a=tfwewdB7HFUA:10 a=QPd-B6XI0CwA:10 a=_W_S_7VecoQA:10
Date: 20 Feb 2017 15:22:25 +0300
X-Mailer: Microsoft Windows Live Mail 15.4.3508.1109
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3508.1109
X-pn-pstn: Spam 1
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)
Subject: From International Company
X-Agent-Received: from Mercury POP (PN/My_PN_Account2) (pop.My_PN_Account.plus.com); Mon, 20 Feb 2017 10:24:19 +0000
We are looking for employees working remotely.
My name is Mercedes, I am the personnel manager of a large International company.
Most of the work you can do from home, that is, at a distance.
Salary is $2100-$5600.
If you are interested in this offer, please visit
d_healthHave a nice day!
The A/C has a catch-all mbox so it would be fairly obvious if this was a result of a dictionary attack or something similar. It isn't. There is absolutely no evidence of any other spam being received at any time.