[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re: invitation to my cam (fwd)
From: Johnny J Chin <jjchin () onesimus ! com>
Date: 2002-03-29 19:55:59
[Download RAW message or body]
Mr. Quimby,
I am glad that you finally understand the situation. And I surely hope
you can see why we are alarmed as we were when we found out
that such an email address is the target of a pornographic SPAM.
I am glad to see that you are now acknowledging the fact that the address
database has been compromised. I sincerely hope that something be done to
track down who illegally took this data. Furthermore, we need to know
what your company is now going to do about having its database
compromised.
We need assurances that your company will take additional steps in
protecting its data from third party eyes.
-- Johnny J Chin
ONESIMUS ENTERPRISES / JTNET.COM
529 Lynn Street; Staten Island, NY 10306-5311
web: www.onesimus.com
tel: +1 718-979-2505 x208
On Fri, 29 Mar 2002, Mike Quimby wrote:
> Date: Fri, 29 Mar 2002 14:45:35 -0500
> Subject: Re: invitation to my cam (fwd)
> From: Mike Quimby <mquimby@thefirstyears.com>
> To: Johnny J Chin <jjchin@onesimus.com>
> Cc: hostmaster@ALLEGIANCETELECOM.COM, jjchin@jtnet.com,
> thefirstyears@josephina.com
> X-JTNET-inbox: [jjchin]
>
>
> Again, I will argue that our e-mail addresses are "@thefirstyears.com" and
> not thefirstyears.com as you mention. The only affiliation between the two
> is as you mentioned.
>
> What does this sentence "The mail address "thefirstyears@josephina.com" was
> setup just so that she
> can sign up with www.thefirstyears.com" mean?
>
> If you can explain what exactly your concern is, I will be more than happy
> to assist you?
>
> I have just looked onto our website, and it does appear that someone
> (guessing your wife - based on the name and address given) has signed up on
> our web site as a parent.
>
> So, what you are saying is that someone has accessed this listing of e-mail
> addresses and is using it to generate SPAM - and you know this because the
> only place the e-mail address "thefirstyears@josephina.com" would have been
> utilized would have been our web site?
>
> This seems to make more sense now, and I can assure you that no one here
> has sold those names to any third parties. That is not to say the data
> hasn't somehow been compromised. In fact, that may be why I got the same
> messages you - since I am in that database as well.
>
> Based on the information you have provided, and my understanding of it, I
> will contact Allegiance, and our web design firm to see if they can shed
> some more light on the subject. In I am incorrect in my conclusions, please
> let me know and I will try to understand better.
>
> If you had simply explained yourself more clearly in the first place, I
> would have understood your point better.
>
> Thanks for taking the time to more clearly elaborate your concerns.
>
> Michael Quimby
> Client / Server Application Developer
> The First Years
> One Kiddie Drive
> Avon, MA 02322-1171
> http://www.thefirstyears.com
>
> (v) 508.588.1220
> (f) 508.580.6849
> (e) mquimby@thefirstyears.com
>
>
>
>
>
>
>
>
>
>
> Johnny J Chin
> <jjchin@onesimus. To: Mike Quimby <mquimby@thefirstyears.com>
> com> cc: hostmaster@ALLEGIANCETELECOM.COM, \
> <thefirstyears@josephina.com>, Sent by: \
> <dhollywood@thefirstyears.com>, <webmaster@thefirstyears.com> jjchin@jtnet.com \
> Subject: Re: invitation to my cam (fwd)
>
> 03/29/2002 02:28
> PM
> Please respond to
> Johnny J Chin
>
>
>
>
>
>
> Mr. Michael Quimby,
>
> My user Josephina has a domian name hosted by our servers. Provisions
> have been setup on her account to allow her to create special vanity email
> address just for the purposes of usage for signing up to particular
> websites and to track things such as selling of her email addresses
> to third parties without her knowing.
>
> The mail address "thefirstyears@josephina.com" was setup just so that she
> can sign up with www.thefirstyears.com. This email address is not used on
> any other website or for any other purposes. Therefore it is obvious that
> someone has taken the email addresses from www.thefirstyears.com and sold
> it to a mailing list marketing company, SPAM company or has personally
> (possibley an employee of www.thefirstyears.com and/or consultant thereof)
> and has used it for other means.
>
> This is obviously a violation of the privacy policy on
> www.thefirstyears.com.
>
> If you still do not understand the circumstance involved in this e-mail, I
> strongly suggest you forward this information to your Chief Technology
> Officer and I will converse with him/her.
>
> Further note, just for your education ... the originating email address
> and headers were spoofed. The only valid email address in the message was
> that of our client's (thefirstyears@josephina.com). If this technicality
> is too difficult for you to understand, please have your CTO contact me.
>
> Again, as my system administrator has mentioned, we absolutely
> unequivocally have a ZERO tolerance for such privacy invasions and SPAM.
>
> -- Johnny J Chin
> President/CEO
>
> ONESIMUS ENTERPRISES / JTNET.COM
> 529 Lynn Street; Staten Island, NY 10306-5311
> web: www.onesimus.com
> tel: +1 718-979-2505 x208
>
>
> On Fri, 29 Mar 2002, Mike Quimby wrote:
> > Date: Fri, 29 Mar 2002 14:14:34 -0500
> > Subject: Re: invitation to my cam (fwd)
> > From: Mike Quimby <mquimby@thefirstyears.com>
> > To: System Administrator <sysadmin@ONESIMUS.COM>
> > Cc: hostmaster@ALLEGIANCETELECOM.COM, sysadmin@jtnet.com,
> > thefirstyears@josephina.com, jjchin@ONESIMUS.COM,
> DNSadmin@ONESIMUS.COM
> > X-JTNET-inbox: [jjchin]
> >
> >
> > This message is so flagrantly untrue, I am unsure whether to even address
> > it - but on the off chance you feel you have a valid point, and are only
> > being overly cautious, I will respond. From your web site, you appear to
> be
> > a reputable business, so I will offer you the benefit of the doubt.
> >
> > I'm not sure who you are, or why you are associating the attached e-mail
> > with The First Years, but I can assure you we have absolutely nothing to
> so
> > with the sending of this - or any other SPAM. The First Years is an
> > established, public company, involved in the Juvenile products industry.
> >
> > The only mention of "The First Years" in this message is to the left of
> the
> > "@" sign - which I do not believe we can control.
> >
> > The message does not mention - and has nothing to do with
> > "www.thefirstyears.com" and the only reference to The First Years is as
> > mentioned above. It did not route through our mail servers, or - even
> > through Allegiance Telecoms mail servers - from what I can tell.
> >
> > I, myself, did receive a copy of this message the other day, but simply
> > discarded it as SPAM and paid little mind to it.
> >
> > If you have a problem with this message, I would recommend you converse
> > with the owner of the e-mail address "thefirstyears@josephina.com" - the
> > domain of which "josephina.com" appears to be under your ownership.
> >
> > If you feel you have a valid argument against The First Years, but address
> > it in using more appropriate means.
> >
> > Michael Quimby
> > Client / Server Application Developer
> > The First Years
> > One Kiddie Drive
> > Avon, MA 02322-1171
> > http://www.thefirstyears.com
> >
> > (v) 508.588.1220
> > (f) 508.580.6849
> > (e) mquimby@thefirstyears.com
> >
> >
> > System
> > Administrator To:
> mquimby@THEFIRSTYEARS.COM
> > <sysadmin@onesimu cc:
> hostmaster@ALLEGIANCETELECOM.COM, <thefirstyears@josephina.com>
> > s.com> Subject: invitation to my
> cam (fwd)
> > Sent by:
> > sysadmin@jtnet.co
> > m
> >
> >
> > 03/29/2002 01:53
> > PM
> >
> >
> >
> >
> >
> >
> > Mr. Michael Quimby,
> >
> > [hostmaster@ALLEGIANCETELECOM.COM is being CC'd in this message to ensure
> > they are made aware of the illegal activities of www.thefirstyears.com
> > ... for if actions are not taken by TheFirstYears, proceedings will make
> > Allegiance Telecom also liable as an accessory to the activities.]
> >
> > Attached below is a an email which contains a specially created email just
> > for use with the www.thefirstyears.com website by one of our users.
> >
> > It is very apparent that thefirstyears.com has sold this email address to
> > a pornography marketing company. Such activity will not be tolerated. If
> > an appropriate response and action is not taken immediately, this
> > information will be forward to the press for the public to see. We are
> > sure your company will be very attentive to this situation.
> >
> > Additionally, legal proceedings may follow if such actions do not cease.
> > It is illegal to do as your company has done.
> >
> > -- JTNET System Administration
> >
> > JTNET has a ZERO tolerance for SPAM activity especially when it comes
> > to pornographic material and the use of our resources to further such.
> >
> >
> > ---------- Forwarded message ----------
> > X-SMTP-Received: [209.115.80.70] Thu, 28 Mar 2002 10:03:55 -0500 (EST)
> > Return-Path: <Marry_Lee2@usa.net>
> > Received: from 209.115.80.70 ([209.115.80.70])
> > by smtp.jtnet.com with ESMTP id KAA11339
> > for <thefirstyears@josephina.com>; Thu, 28 Mar 2002 10:03:55
> > -0500 (EST)
> > Received: by 209.115.80.70 with Microsoft Outlook Express 5.50.4522.1200
> > id <P336446531264HER24>; Thu, 28 Mar 2002 15:03:56 -0500
> > Message-ID: <E336446531264AR3ZPZXH0DA1YOJ@209.115.80.70>
> > Date: Thu, 28 Mar 2002 15:03:56 -0500
> > X_Mailer: Microsoft Outlook Express 5.50.4522.1200
> > From: "Marry Lee" <Marry_Lee2@usa.net>
> > To: thefirstyears@josephina.com
> > Subject: invitation to my cam
> > MIME-Version: 1.0
> > Content-Type: multipart/related;
> > boundary="----=_NextPart_000_000D_01C1D0F7.8CE37160";
> > type="multipart/alternative"
> >
> > ONLINE CAM CONTACTS
> > Do you wanna see me stripping live for you for free!
> > Me and my friends are very horny and looking for people to talk
> > dirty. We like to get naked online because its naughty and gives us a
> > thrill. Some of us are just 18 and currently students. Its a great place
> to
> > meet real people who have the same sexual interests and fantasies as you
> do
> > and enjoy them as much as you do. Hope to see you there, honey!
> >
> > It's Easy, U n c e n s o r e d, Confidencial and FREE! Click to
> > visit
> >
> >
> > --------------------------------------
> >
> > (Embedded image moved to file: pic26500.jpg)
> >
> >
>
>
>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic