Today is the day I maybe made one of the biggest mistakes of my online life. Until now I’ve managed not to send any mass-mails or spam using my email address. Multiple years, multiple email accounts and never such a disaster before.
But what happened? I got a bunch of mails over a longer time because someone (I don’t know who) opened an account using my email address at a service I’m not going to name in this blog post but those of you I’m apologizing to know what I’m talking about. To finally get rid of those mails I decided to log into that account and delete it.
Yeah, like I said in the initial paragraph: It was the biggest mistake I made while using the internet. Somehow (until now I don’t know how because I did definitely not trigger such an action) that service started a mass mailing to all contacts in my address book. Before I got the first responses to that mail (they were so “nice” to put my email address into the senders field) I noticed that spam wave because in my address book there are some mail addresses for testing purposes which were never published to the public.
Yeah. Great. Logging into an account someone created with my mail address to delete it and get rid of the spam causes a bigger spam wave…— Knut (@Luzifer) July 24, 2015
Looks like now I have to send a huge bunch of “Sorry”-Mails to like anyone in my address book because of that shit…— Knut (@Luzifer) July 24, 2015
Said this: Please do not accept the “invitation” from my address to join that “social discovery network”. Please treat this email as spam and throw it where it belongs: The trash bin.
Despite the fact I’ve broken my own rule not to click any link in a spam-mail I hope this does not cause a larger spam wave due to anyone subscribing to that service. Luckily the mail was sent in german language so all non-german speaking contacts in my address book will not even understand that mail and hopefully put it into trash as “foreign language spam”…
Update: Looks like I’m not the only one who has fallen for this… Despite I didn’t want to name the company sending out that mails here is an article about the same problem but from about two years ago: A Year Of Spam: The Twoo Experience (And after searching for more results there seems to be a huge list of people having the same problem…)
Update 2: Today I reviewed the list of Apps connected to my Google account and indeed found an app I apparently authorized some day to access my address book. Despite I’m a hundred percent sure I never gave that service any permissions to my Google account there are reports they took over several other apps, one of them an app I authorized a long time ago. Looks like they also used the already authorized apps of the services they took over to gain access to the address book.