LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 01-24-2018, 08:57 AM   #1
chrisVV
Member
 
Registered: Aug 2010
Posts: 262

Rep: Reputation: 100Reputation: 100
gmail spam from "Christian Mingle"


Yesterday out of the blue I have begun receiving spam in my gmail account from an outfit called Christian Mingle, involving potential encounters with females of somewhat improbable names (I am male). I have received over 50 such emails in the last 24 hours, many of them repetitive. I got about 20 of them in the space of 5 minutes last night all from the same "person".

Christian Mingle seem to be a dating site for those professing to be Christians. Although they seem to have an indifferent reputation they also don't seem to be out-and-out bulk spam transmitters in the sex trade. I have reported this to them and they say I have an account with them (I don't and I have never previously even heard of them) which they have cancelled, which has not stopped the spam. They seem pretty much unperturbed by all this.

There seem three possibilities. (i) Christian Mingle have been hacked and are being used by spammers; (ii) I have been cracked enabling someone to intercept my email so allowing them to set up an account in my name using my gmail address in order to spam me; (iii) google's gmail system has been cracked.

(iii) seems pretty improbable and (i) the most likely. As to (ii), I suppose this is not impossible though I am running the latest slackware current with the latest kernel (4.14.14), firefox (58.0) and other security updates, and I always run a firewall and have no ports open to the outside world save ssh (which is SHA-256 pubkey authentication only).

One feature of this is that the local part of my normal gmail address comprises my last name and first name separated by a dot. The spam does not have a dot. With gmail, dots in the local part are ignored so john.smith@gmail.com is the same as johnsmith@gmail.com. I don't know if that offers any vectors for attack by spammers.

Are there any tell-tale things I should look out for to detect whether I have been cracked and does anyone have any other ideas?
 
Old 01-24-2018, 09:09 AM   #2
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 6,311

Rep: Reputation: Disabled
While john.smith and johnsmith are the same for Gmail it actually allows creating accounts like this. Result, I'm getting emails for people who are real. One of them even purchased Netflix service, I was able to log in into Netflix and watch movies using the information in welcome email.
Conclusion, I do not think you are hacked. Just log into Gmail over web interface and mark those mails as spam, Gmail spam filters will take care of them from there.
 
Old 01-24-2018, 09:32 AM   #3
chrisVV
Member
 
Registered: Aug 2010
Posts: 262

Original Poster
Rep: Reputation: 100Reputation: 100
Quote:
Originally Posted by Emerson View Post
While john.smith and johnsmith are the same for Gmail it actually allows creating accounts like this. Result, I'm getting emails for people who are real. One of them even purchased Netflix service, I was able to log in into Netflix and watch movies using the information in welcome email.
Conclusion, ... .
Wow, cool, movies for free! But if the account john.smith@gmail.com is taken then google will not allow another person to obtain johnsmith@gmail.com, and vice versa. Someone applying for a service might enter the wrong email address so that emails go to another person. However I have assumed that those providing services to the public which involve the setting up of an account would send an email to the email address given by the person setting up an account, requiring them to confirm the account request.

I guess what you say could only occur with a service provider that does not follow that approach. For a rubbish dating site that may happen but you would think netflix would do better. Do you know what happened to the poor guy with the netflix subscription?
 
Old 01-24-2018, 10:50 AM   #4
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 2,667

Rep: Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997
For what it's worth, I've seen sites that may send an e-mail with a confirmation link on sign-up but may not necessarily do the same thing on the CHANGE of an e-mail address. So it's possible someone signed up for a service, then changed their e-mail address to yours without the site needing confirmation. Not saying this is the case with this site, just that I've seen it before on others.

Edit: "Back in the day" there used to be "FREEPOST" coupons in newspapers and magazines, basically "Fill in your details and drop this card in to a post box for free". We'd pick a victim and fill in their details and drop as many of these different cards as we could find. Even better were the ones with a "Tick this box and a salesman will visit your home!" (Yes kids, this is what we did for amusement in the 1980s)

Last edited by TenTenths; 01-24-2018 at 10:52 AM.
 
Old 01-24-2018, 11:24 AM   #5
keefaz
LQ Guru
 
Registered: Mar 2004
Distribution: Slackware
Posts: 6,118

Rep: Reputation: 687Reputation: 687Reputation: 687Reputation: 687Reputation: 687Reputation: 687
Personally I never found reporting email as useful, in fact the most time it's getting worst after that
 
Old 01-24-2018, 11:42 AM   #6
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 6,311

Rep: Reputation: Disabled
Maybe Google won't allow this any more, but it perhaps was possible at some point. Let's say my email is abdcef@google.com, I have seen emails in my inbox sent to a.bcdef@google.com for Jason *** and a.b.cdef@google.com for James ***. Repeatedly. Makes me think these people have such Google accounts.
 
Old 01-24-2018, 01:45 PM   #7
ChuangTzu
Member
 
Registered: May 2015
Location: Where ever needed
Distribution: Slackware/Salix, FreeBSD, Mageia, Debian
Posts: 748

Rep: Reputation: 518Reputation: 518Reputation: 518Reputation: 518Reputation: 518Reputation: 518
reply with this:
https://duckduckgo.com/html?q=pagan%20dating%20site

seriously though, just keep marking it as spam don't click on any links etc....I went through a spell where I kept getting Russian models offering me all kinds of stuff...I'm sure it was more like a large burly hairy man (or woman).
 
Old 01-24-2018, 04:06 PM   #8
fido_dogstoyevsky
Member
 
Registered: Feb 2015
Location: Victoria, Australia
Distribution: Slackware 14.2
Posts: 202
Blog Entries: 2

Rep: Reputation: 162Reputation: 162
Quote:
Originally Posted by Emerson View Post
Maybe Google won't allow this any more, but it perhaps was possible at some point...
Same thing happened to my gmail spamtrap account - I've given up trying to find some way of letting google know, they like their privacy too much. I just check it every month or two to see if anybody sent me anything to the wrong address, and once found an email from the school the "other" account holder's child goes to (replied to that one immediately I saw it).
 
Old 01-24-2018, 04:29 PM   #9
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: CentOS 6 & 7
Posts: 2,925

Rep: Reputation: 785Reputation: 785Reputation: 785Reputation: 785Reputation: 785Reputation: 785Reputation: 785
Looks like you can make some money:

http://www.marketwired.com/press-rel...ng-1714174.htm
 
Old 01-24-2018, 08:22 PM   #10
jefro
Moderator
 
Registered: Mar 2008
Posts: 17,939

Rep: Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676Reputation: 2676
I sometimes like to make sure the email does contain correct links and also know who exactly is sending it in header. Tend to assume spam is as fake as the news.

It is possible that someone simply is using your email to avoid their real identity.
 
Old 01-25-2018, 01:21 AM   #11
webhostus
LQ Newbie
 
Registered: Feb 2011
Location: US
Posts: 5

Rep: Reputation: 0
Can be a email spoofing issue, have you tried some spam filter rules ? they do work if you set them correctly.
 
Old 01-26-2018, 07:09 AM   #12
chrisVV
Member
 
Registered: Aug 2010
Posts: 262

Original Poster
Rep: Reputation: 100Reputation: 100
Quote:
Originally Posted by TenTenths View Post
For what it's worth, I've seen sites that may send an e-mail with a confirmation link on sign-up but may not necessarily do the same thing on the CHANGE of an e-mail address. So it's possible someone signed up for a service, then changed their e-mail address to yours without the site needing confirmation. Not saying this is the case with this site, just that I've seen it before on others.
After not giving up I have managed to get Christian Mingle to stop spamming me. It is clear that I have not been cracked; I am not clear however whether spammers have managed to take over all or part of their operation. I suspect not - it looks more as if as part of their business practices they allow any "member" to send annoying messages to other "members", and either they do not include confirmatory emails when a new account is set up, or as you suggest they do not include confirmatory emails when the registered email address is changed, so that any unfortunate victim can be made a "member" without their consent or knowledge. Either of these allows Christian Mingle to be used as a spam machine.

They say that "we do our best to remove all fraudulent profiles" but that doesn't seem right because of the failure to use confirmatory emails, which is the expected and widespread practice for such things in the industry.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Pop Up = Evolution domain "Gmail.com" is not registered LorenMClark Linux - Newbie 1 03-24-2017 08:44 PM
[SOLVED] GMail: Some random mails automatically get marked "Important" :rolleyes: TheIndependentAquarius General 4 05-30-2011 02:56 AM
[SOLVED] "Save as draft" option for new posts as we have on Gmail TheIndependentAquarius LQ Suggestions & Feedback 3 11-16-2010 08:51 AM
echo mypage.htm | mutt -s "hello news" myemail@gmail.com frenchn00b Linux - General 16 04-20-2009 01:21 AM
Gmail notifier gives error: "wrong ELF class: ELFCLASS32" aero_b Linux - Newbie 13 03-01-2007 07:47 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 01:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration