Email scam, now it starts

This post will be fine for my karma, I guess. My Told-you-so-karma. On Thursday 24th, Nov. 2011 I got my first scam email where the sender stepped into a mistake, which he couldn’t possible avoid. The email was send to a one-purpose e-mail-address which I usually set up for each online-shop or whatever purpose I need them. I never re-use them and keep track of all those accounts. Yes, that’s a bit of work, but I got used to it. But here’s the problem:

If somewhere one of those e-mail-addresses leaks out of the receivers system, than I can figure out and trace the leak back to it’s origin. For example:

Let’s say I’d order something from Amazon. Then I’d use the e-mail-address _amazon@<my-domain>_. If now amazon sells my address or somehow otherwise looses that data and a third party (which they haven’t yet in my case), the third party would have to use the e-mail address _amazon@<my-domain>_ to send me scam, spam or whatever.  So then I know where the problem might have originated.

So, what happened? I got a Scam from a woman called Marina:

Oh thanks for your message. I should tell you I bad speak in English language. How are you today? I use online translator http://translate.google.com/ You can to read it what I write? I will be glad if you will answer to me. I would love to see more your pics. You have any new pics? My kisses to you Marina

Very nice. It has been unfortunately send to _pixmania@<my-domain>_. So that points me to the online-shop of pixmania, where I indeed once bought something. Since then, I haven’t heard anything from then nor has something happened. We had a happy customer-Shop relationship. So far. But now I start to worry how Marina could figure out which e-mail-address I’ve used for my order at pixmania. Since the only one but me who know about this e-mailaddress is pixmania itself, I decided to ask them and wrote them an email on Nov, 26th. I tried to be polite and not to prejudge them and asked them to confirm that they haven’t sold my email address or any other data to somebody else. Now I’m waiting for an answer.

PS: Yes, I exclude the possibility that someone broke into my system and stole the information from here. Daily experience and news shows currently a higher probability that the problem is external, than on my side. Feel free to ask for details.

  • Update (2011-11-28): I’ve been informed the support has handed this over to their head-quarter. We’ll see what happens.

  • Update (2011-11-30): The answer from the head-quarter is there. They’re IT-Department would like to have a look at the email, incl. header, etc. Unfortunately they’ve send that mail from a “noreply” address and didn’t put any further contact information in it. I guess I have to beg ask for it.

  • Update (2011-12-08): They’ve send me the e-mail address I shall use for sending them the scam e-mail.

  • Update (2011-12-13): I’ve finally managed to send them the file incl. header, etc.