Monday, April 11, 2005
Bright House Customers, Take Warning
As many of you know, I do not use a single e-mail address on this domain. Whatever e-mail address you have for me is, in all likelihood, only being used by you. Similarly, when I provide an e-mail address to a company of which I am a customer, I create a unique alias in front of my @secondinitial.com domain to give them.
Tonight, I received a piece of spam to brighthouse@ my domain. Upon calling Bright House, a representative confirmed my belief that Bright House does not sell customer data. I have no reason to doubt him. Yet, I still received the spam (which was, in no way, related to Bright House or any type of cable services).
Thus, I can only think of two scenarios. The unlikely one is that the spam came as a result of dictionary/wordguess tactics. I feel this is unlikely because when a domain gets an e-mail dictionary attack, it’ll generally receive copies of the spam to many addresses on the same domain. I received no other copies—only to brighthouse@
The other scenario is that someone has illegal access to Bright House’s database. This, too, seems unlikely, but I don’t see any other scenarios.
In any case, my purpose for this entry—specifically if you are a Bright House customer—is to just make you aware that there is at least a small chance that Bright House is compromising your personal data.
» Posted by ALBj at 09:55 PM (ET)
Category: Musings
Comments
Sorry, due to comment spam abuse, new comments on this entry are closed until I find time to upgrade Movable Type and enable registration and moderation.
Another possible, but unlikely scenario is that someone managed to swipe the address from the network stream, say when you posted the form information or sent/received an email with that address. Years ago, I had an FTP password stolen that way.
» Posted by Queue
April 12, 2005 08:35 AM