@Graham - re the "ED pills" - in the mail I had today, it was a graphic image.
@mikeb - the four I have seen were each from different IP addresses.
Received: from dyn-91-163-131-134.ppp.tiscali.fr ([91.163.131.134]) by
pih-sunmxcore16.plus.net with smtp (PlusNet MXCore v2.00) id
1HnHrP-0002eJ-2O for username@username.plus.com; Sun, 13 May 2007
17:27:55 +0000
Message-Id: <001101c79594$e5f49ba0$001af094@famille>
From: Damon Hancock <
qoutsharp@anyarizonahomes.com>
To:
username@username.plus.comSubject: shipping rates qualitative Damon
Date: Sun, 13 May 2007 19:28:34 +0200
In my case it is a 'catch all' mail address. This PN ('Essential') account was created on 2005-05-28 and used while I was connected on another ISP. It has mail checked at regular intervals (*) from a commercial mail service (10 GB storage, plus 1 GB FTP space) which pulls in mail from a number of different accounts for me.
On checking much later I did find three more messages (in the spam folder, because the Spamhaus blacklist included the sender IP addresses for those three, just not this one, of the ones sent to 2 PN accounts I check). In all cases I have seen, the "Subject" line ends with the first name of the "Sender".
I have rarely used webmail for any PN account, and don't believe either account name has ever been given on Usenet.
Of course, any person can connect to the PN Forum (guest/guest) and find postings which would show many still-valid user account names, though I don't know if guest/guest would easily allow large scale extraction. I assume it might, if one put together a script to go from some fairly high member number and work backwards to find early account holders.
However this does seem quite strange insofar as the dates mentioned on TBB were also May 2005 - it might just be that an ex-customer with time on their hands used their own profile as a starting point and worked up and down from it... Well, just checked and you can get the
login prompt then onto the
PN Forum and with a bit of scripting (perhaps even using good old Firefox) it may be possible to capture (from
viewing a profile) (+) (a) username and (b) mail address. If none is shown
username@username.plus.com is an easy default target.
Now, increment or decrement the number in that profile and you get to view details of hundreds and thousands of users. Pick some specific starting point and you will find users who first used the forum at a specific point in time (not necessarily when they opened their PN account of course). I'm no PHP/etc scripting genius but anyone who ever had a ZX81 or Spectrum can make a loop to add a number, and with 'web scrape' tools available to capture web content, it may be possible to gather large quantities of data.
Shame, but
guest/guest seems to be a security hole just waiting to be exploited. Some other ISPs I used 10 years ago each had a "user directory" which listed account users alphabetically (pointing to user web pages, as a "feature") but you can see it is a goldmine for spammers to have account names on a plate. OK, the PN Forum isn't exactly laid out alphabetically and needs some work, (also it is perhaps possible to spot a sequential search if one needed to) but shows there's a 'free' way to get lots of details without necessarily needing anyone "on the inside" to copy user info, or a set of data on an old drive to get into the wrong hands.
(*) anything from minutes to hours - don't remember off-hand - I think most of the accounts (a tiny portion are on PN) are on the 10 minute setting.
(+) member of PN staff chosen at random, from list of recent posts on the PN Forum. Just Liam's luck his post was spotted. Happy to alter link if anyone wishes to volunteer to have their details highlighted. Not sure if there's a 'random user' option, and hope that Liam doesn't mind too much. If there's an example profile that PN suggest, then feel free to alter this post, someone, or I will do so later...
