I own my domain, with unlimited user names, so I use a different user name for every site I register on and every company I deal with. This way I can track and sort e-mail and make sure my address isn't getting abused.
The address I used to register with Slowtravel has only been used to register with groupee, for the slowtravel and expats sites. No where else ever. I'm now getting a lot of spams to that specific address. (several a day)
One way spammers get addresses is through viruses/worms- those infect a user who is running outlook or outlook express, and then harvests every address stored in their address books, browser cache, and elsewhere on that computer. So, I'm suspecting that a computer connected with groupee or slowtravel or expats got infected. Has anyone else spotted this happening to them?
By the way, this is a reason to always use bcc and not the to: or cc: fields when sending e-mails to multiple recipients. Otherwise, you're storing your whole recipient list on the computers of everyone on the list, and if just one of those computers gets infected, you have compromised all your friends e-mail addresses.
Posts: 304 | Location: Chicago area and Tuscany | Registered: 26 March 2006
I could send you full headers from some of the spams, but I doubt that helps at all any more. Now that spammers use botnets, the sending computer is a hijacked/infected victim, with no connection to or trace of the origin.
Also the websites they advertise are typically hosted on hijacked servers with rapidly changing dynamic IP, making them very hard to trace.
Posts: 304 | Location: Chicago area and Tuscany | Registered: 26 March 2006
Our policy at SlowTrav is to never sell your email address or in any way reveal it to third parties. Unfortunately, the site is currently hosted by a third party, and we don't have 100% control over the security of the site. However, we take all claims like yours very seriously. Our development team makes frequent security updates, and it's likely that any breach that might have happened in the past has been closed by our ongoing efforts. We're very concerned about the integrity of our site, though, and are devoting special attention to understanding how there may have been email addresses leaked from our user list.
Also, because we want to make sure that our users are able to be confident in the security of their data, we plan to migrate the site from our third party hosting and take over hosting ourselves. Migrating servers will allow us to take full advantage of the knowledge and vigilance of the Internet Brands network operations team. This is the same team that is responsible for sites like Carsdirect.com, Vamoose.com, Loan.com, and many more sites with excellent security track records.
Please keep us informed if you come across any issues like this in the future. It really is important to us that we deal with information security issues promptly and effectively, and any information we get from you can only help our effectiveness. So thanks for keeping us in the loop.
Slow Travel Talk 
