RSS / Atom

spammers and

2005-07-23 , ,

In December of 2003 I bought a gift magazine subscription for a friend
through Expecting the worst, I used a unique
one-time email address generated explicitly for that transaction. I
have not received anything through that account over the past two
years other than the renewal notice and similar magazine offers. I expect these
and do not consider them spam and they are clearly described in their [privacy policy](
> We do not distribute, sell, or rent your name or personal information to any third party, and will never do so without your permission. This includes any e-mail addresses or mailing addresses that you provide. When you place an order, your mailing address is only transmitted to the publisher or respective fulfillment house for the publication.

> From time to time, we will send updates about, such as special offers, updates or new titles. At time any time, you may express your desire not to receive these mailings, either by sending us e-mail or following the remove instructions included in every mailing we send.

However, I noticed that starting on July 1, 2005, I had spam for that
single use account. I can suggest several possibilities that might explain this:

* and NetVision Associates, Inc. violated its own privacy policy and intentionally distributed my email address to spammers. * and NetVision Associates, Inc. shared my email address with an employee, associate or affiliate who themselves is a spammer or distributed it to spammers. * one of the publishing houses that and NetVision Associates, Inc. work with allowed my email address to be distributed to spammers. * and NetVision Associates, Inc. had its web site security compromised and my email address was stolen and used by spammers. * an internal host used by or NetVision Associates, Inc. was compromised and my email address was stolen and used by spammers. * a mail gateway or intermediary host between my mail exchangers and the hosts of or NetVision Associates, Inc. was compromised and my email address was plucked out and used by spammers. * an incredibly unlikely combination of account, non-alphanumeric separator and unique identifier at my domain was randomly used by spammers and they got lucky.

I do not suggest that or NetVision Associates,
Inc. is itself engaging in spamming or supporting spammers and I have no idea how
my email address came to be used by spammers.
However, given that even [United Airlines]( failed to protect a similar unique one-time email address,
I am unsurprised that a smaller organization also failed to protect
an email address from abuse.



Commenting is closed for this article.