chgoeditor

Last night I started getting a barrage of emails confirming my subscription to all sorts of mailing lists. None were subscriptions I requested.

(I have a fairly common name and I was an early email adopter, so my email address is [email protected]. It's possible someone was maliciously subscribing me to spam, but there are an amazing number of people out there who mistakenly assume my email address is their own.)

Many of these emails are bypassing my spam filter, so I've been unsubscribing as they arrive. A few have provided the the IP address from which the subscription requests were made--a Charter Communications IP address in Cape Girardeau, MO. (I know no one in that part of Missouri.) Armed with that IP address, are there any additional steps I can take to put a halt to this influx of unwanted emails?

daniel46211

Sometimes, when you post your email in a public forum or webpage web-crawlers collect it and adds it a mailing list. Typically, it is sold to a company or used by a company to send malicious emails, so when you are divulging your email over the web you could disguise it a little (for e.g. firstname (no space) lastname AT huge (no space) emailproviderDOTcom.

There is nothing you can do now except unsubscribe from them as they come in.

MAN Pax

I had someone with the same name as my use my gmail address for loan applications. I would have had a field day if I wanted to dabble in a little identity theft.....

Dodge DeBoulet

I'm in a nearly identical situation; one of my email addresses is [email protected], and at least 4 people have used it multiple times as their own. One is a woman in Michigan attempting to quit smoking, another an out-of-work individual applying to various job sites, the third a recent graduate from medical school in NYC, and the 4th a teenage gamer (I think #2 and #4 may be the same person, though).

I'm sure the root of my issue is that so many sites accept email addresses without verification. What's odd is that the gamer has an X-Box Live account and I get his purchase notifications; you'd think that MS, at least, would have a mechanism to verify the email address for billing notifications.

Then there was the young Canadian girl that took my email address as her Apple ID . . . it was amazingly difficult to get Apple to fix it.

chgoeditor

It's been happening to me for years. If it's a personal email, I'll usually send a polite, "I'm sorry, but you have the wrong email address. I'm not the intended recipient." Most of the time people thank me for letting me know and I never hear from them again. A few times I've had individuals use my email address to respond to job applications/request information about continuing education. In those instances, if I'm contacted by a recruiter I sometimes get a little snippy and tell them that the person they're seeking is apparently too dumb to know their own email address. A few times my email address has been included on a mass mailing (sent by an individual) espousing some kind of idiotic/racist/homophobic/stupid viewpoint. In those cases I haven't hesitated to reply to all, tell the person what an idiot they are, then block the address

One of the most ridiculous cases of mistaken identity that I saved because of the sheer stupidity:

FAA IT Compliance person emails me from their work address a link to this article:
I reply:
She replies:
I reply:
You're a government IT compliance person presumably responsible for creating or enforcing policies about the acceptable use of work technology? You're sending me an article essentially gossiping about your boss? And you're stupid enough to assume I might know the email address of the person you're actually trying to connect with? Ladies and gentleman...your tax dollars at work.

Mary2e

Government IT compliance person, if their like other IT compliance people, are nothing more the IT auditors that now have a fancy new name.

What they're doing is testing to make sure written guidelines for managing IT are being adhered to. They don't actually know very much about IT. At least those I deal with.

chgoeditor

But wouldn't those guidelines presumably say, "Work email is not to be used for personal correspondence," or something like that?

boberonicus

One could subpoena Charter Communications to say "what subscriber device was assigned this IP address on that date?" But even that wouldn't tell you the name of the person typing on the keyboard. For example, that IP could be a router with hundreds of users behind it.

chgoeditor

I actually discovered that Charter has an email for sending abuse complaints. I provided them with a list of all of the subscriptions requests I was aware of that seemed to occur within a timeframe of a couple hours, and I also provided them screen shots of every subscription confirmation or unsubscribe page that showed the IP address from which the original request originated. That was Saturday, I think, and while I haven't received a response, I haven't gotten any more subscription notifications unless you count the Air Force Reserves recruiter who emailed me on Saturday thanking me for my interest in a job with the military.

gobluetwo

Couple comments:

First, I remember reading that you should just send these things to the spam folder and not actually unsubscribe. Some may be legit, but others truly are spam/bots and by replying, you're letting them know it's an active email address.

Second, one of my personal emails is wife'sfirstnamemyfirstname at gmail dot com. Turns out somebody created an email address that is firstname.lastname, where her first name is the same as my wife's, and her last name is the same as my first name. Of course, this gmail ignores dots in the address and considers them the same email address. Oddly enough, Google DOES consider the dot when assigning account usernames. Go figure.

I've been getting emails off and on for this person for a couple years sporadically. At one point, she must have been on holiday and asked that her work colleagues use her personal email address. That was actually pretty interesting, as I happen to be a consultant in her field of work. I feel bad getting emails about signing up her kids for judo or tennis lessons, or getting PTA news. I can't forward them to her b/c they just show right back up in MY inbox!

boberonicus

As do all ISPs following RFC 2142. It doesn't mean they'll actually even glance at your detailed abuse@charter creation. Or maybe they've decided to read one of the thousands of emails that hit those email abuse boxes each day and give the highest priority to one that comes from a random non-revenue non-subscriber. Hope springs eternal.

Mary2e

Actually, they are testing for general compliance to IT standards set by the govt in conjunction with the auditors.

Basically, I know I'm tested to make sure all the forms are filled out properly for access to my system. That terminated employees had their access removed. They also test to make sure backups are being made.

I've never heard of personal use of email being tested against, as their really is no risk to the system. If they didn't want employees to use it, they could just shut off access, which is what my company does.

MAN Pax

Google DOES NOT recognise the dots in an email address.

https://support.google.com/mail/answer/10313#

Looks like the wrong email for this person has been adopted by a few people. I'd be polite and send them one email telling them it's the wrong address then block the sender.

ShopAround

I'm having the same problem! My email address is [email protected] and I keep getting emails for firstname.[email protected]. When they come from her friends, I reply and tell them they have the wrong person but I get things like mailing list stuff I didn't sign up for... I wish I had a way to reach her and tell her to stop using that email address but if I try to email her, it'll just be delivered to me!

paytonc

The scourge of the early adopter... let's see, I've gotten Facebook invitations to pow-wows in Manitoba, order confirmations for size 14 sneakers going to Sacramento, rave invitations in Atlanta, pop concert announcements in Miami, plenty of those weird "buy trinkets for your chat icon" thing, and once even a tax form, complete with address and SSN.

If there's an help form, I use it and berate the company for not requiring email verification. If there's a "lost password" link, I use it, and change both the password and email address to gobbedlygook (hey, they're not verifying email addresses, right?).