The next day I was startled to find spam for DVD burning software in my Yahoo Bulk Mail folder. This was very disconcerting. I didn't offer my email address to any of the DVD burner sites. But I had never gotten spam on that topic before. I didn't think it was a coincidence. I regularly check my computer for malware, and I use a firewall, an IP blocker, a hosts file, and Spyware blaster for protection. I'm confident that nothing on my own machine is tracking me. Yet somehow the spammer knew I had shown an interest in DVD burners that night and knew my email address!
I felt this could only happen through Yahoo itself. Yahoo had to be scanning my email (to my friend to give her the DVD burner list) or picking up my browser history list. Yahoo had been publicly claiming that they were different from Gmail because they did not scan mail. I wrote Yahoo to ask them to explain how I had gotten targetted spam if they didn't scan my mail.
Yahoo sent me three replies: canned emails on the wrong subject. They did not respond at all to my last request to have a human answer the question. I then tried to use Planet Feedback to write Yahoo. No response to that either. I just let it drop.
Yesterday, before I asked a question about AdAware in another post, I spent a few minutes searching "rogue spyware blocker" pages to see if AdAware had ever been reported as a problem. This is not something I normally research. This morning I found spam for Ad Blocker software in my Yahoo Bulk Mail!!! I have never gotten that spam before. Now I know it isn't a coincidence: someone is quickly sending me targetted spam after gathering information from where I surfed. I still don't know whether this is based on browser history or email scanning: I also gave my friend a a report on AdAware last night.
I think the culprit has to be Yahoo, because how else would my email address be known. I also used Google to perform the search (I don't use Google toolbar, though). A third possible factor: I have been receiving a fusillade of packet activity from the network that my ISP uses for my Internet connection: Level 3 Communications. They are constantly hitting me with pings, udp packets, and TCP scans on very odd ports. My firewall and IP blocker seem to be blocking most of them, but I have been looking into this lately because I don't understand why Level 3 Communications needs to be doing that. My Internet connectivity functions fine even when all the Level 3 packets are blocked. The pings could be to see if I'm still connected: but why send them every few seconds?
While Yahoo is the strongest candidate for the spy, I am now wondering whether Level 3 Communications has used its position as a network provider to harvest my email address.
Does anyone have any ideas? The targetted spam scares the heck out of me.
Edited by banality, 09 July 2004 - 06:28 PM.