Have our email addys been sold?

I just got this message from an italian company that had listed all the addresses where the e-mail was being sent, and i can tell you there are about 1000 addresses if not more, and coincidentally, I noticed a lot of DG members names........
Have our email addresses been sold????

this is the email
quote
Company presentation

Our company is specialized in fertilizer and natural protection system for garden, fruit field and kitchen gardens, We will be glad to begin a trade cooperation with you distribution. We are ready to send product samples and the complete products price list. All packages can be prepared in different languages and with you private-label ao trade mark. To contact us by phone please call on monday from 9 am to 6 pm, for english language, or from tuesday to friday from 9 am to 6 pm for italian language.
Thank you for you attention.
All our products came with all the instructions needed for the right use, from the exact and guaranteed composition to the right manner of use and, if necessary, also with security papers for the safely use of the product. The package is clear and nice to make the costumer's identification of the product very intuitive, keeping an eye on the enviroment, in fact we just use biodegradable and recyclable paper in our packages.

Commercial Office

To contact us by phone please call on Monday from 9 am to 6 pm, for english language, or from Tuesday to Friday from 9 am to 6 pm for italian language.

With best wishes
Paolo Troiano
(commercial office)


UNQUOTE

I doubt it--it says in the policy that our full name and email address will never be revealed to anyone else http://davesgarden.com/aboutus/tos/ Given that we're all gardeners, chances are a lot of us probably visit some of the same sites (other than DG), order from the same places, subscribe to the same magazines, etc and not everyone is as nice as Dave about maintaining people's privacy so undoubtedly they got your email from elsewhere.

No, they haven't been sold. Can you forward the message (with all the names and everything intact) to terry@davesgarden.com?

I guarantee no email addresses were stolen from DG! It must have come from some other place, perhaps a different gardening site, or a co-op, or something else...

Chuckle - three replies at the same time. :)

Kinda like a prairie dog village - our ears must have all perked up at the same time ;o)

With today's spyware etc, anytime you visit a site you are at risk of "picking up" a tracking bug. If you REALLY want some fun, set yourself up with a 2nd email address and spell your name differently. THEN you can partially track where the source of the "leak" is.

Pat, pat, Patricia, patricia, paticia, and more... LOL

That is exactly why I have a Yahoo! account. I only give my personal email addy to my family.

I have separate GMail accounts for the same reason, mgh.

It's not hard for someone to glean e-mail addresses from forums. If you use the page search function at most search engines and look for a certain exact phrase and character on DG with while you're logged in, you can find instances where people have posted their e-mail addresses. If people do this here and on on other gardening forums, it would be easy for a spammer to compile a list of targeted e-mail addresses.

Well, after looking at the message, I think the names originated from Halson Garden , but i have no idea who halson garden is.

Dave, I apologize for making it sound like you were somehow involved.

Terry, I sent you a copy of the email

Thanks, Pebble. BTW, Hallson has two L's - if it's the same company I'm thinking about. (They sell hostas and perennials, and also have some forums.)

Yep, looking at the email, it appears someone went through Hallson's member list and spammed their membership. It would be extremely easy to do that because there's a link next to each member's name that allows anyone (visitor, member, whatever) to see each member's email address and/or copy/paste it into an email.

This message was edited Sep 28, 2007 12:33 PM

No problem pebble - you did the right thing asking about it.

Terry, You are correct, I just went to their site, and sure enough, I was a member way back when......

As a side note: we committed to a policy that we would never share email addresses with third parties (see our Privacy Policy in the footer). We take our commitments very seriously.

I really hate to put anyone at unrest here, but there is also a possibility of someone becoming a subscriber to DG, adding their name and address to the Address exchange, then taking names to google for email addresses.

I had someone from Germany email me to find out if I was the person they were looking for, a link in their Family history. The person happened to have the same name as me, but of course was not me. I asked them how they found my email address, they told me all they did was to google the name and they found it. I don't think I was a DG member then, and I have never put my email address on a thread, nor will I put it in the address exchange.

Just a warning which I feel obliged to give.

It's true they could do that, but it's a lot of trouble to pay for a subscription, then put your own address in the addy exchange, then find people's names, then google for email addresses when there are plenty of places they can get to the email addresses with a lot fewer steps and without spending any money to do it. Not to say that someone won't come along someday and do that, but for me it's not a big enough risk to worry about it.

All of these steps only take a little time for someone who wants to do it. Don't you remember that some people were getting spam dmails from someone I think in Nigeria or thereabouts. They had to go to the peoples homepage to do that, and yes it was stopped, but who would know where it had come from if they had got them from the address exchange?

Like I said, yes someone might go to all that trouble and there's nothing to stop them, but my thought is that they'll go for easy free sources of email addresses first. I don't know if I was here when people were getting spam dmails from Nigeria, but you can send dmails without paying to subscribe, and it's less steps than finding names in the address exchange and then googling for email addresses, so to me it's not the same thing. But you're right, for people who are really concerned about things like this, nothing is really secure.

The Nigerian scam messages are not a problem here any longer. For the last year or so, non-subscribing members can only initiate two new messages in a 24-hour period. That limit has dramatically reduced the incidence of spam messages, which were really only an annoyance to those who received a spam message: the spammers could never glean anything about any person they dmailed, unless that person responded with personal information.

There is a risk associated with placing your personal information in the address exchange. That's why it's entirely optional. But the information is arguably a lot safer where it is now, where only subscribing members can access it, than it was floating around via a spreadsheet attached to an email - where all the recipients email addresses were being passed along, too.

The only way someone could "triangulate" you via the DG address exchange is if you have posted your username AND real name AND your personal email address somewhere on the web. And if you've done that, there's no reason for anyone to bother subscribing to DG to access your info - they've already got it.

I think there must be a program that generates spam to all possible spellings to the major ISPs. I have on occasion received spam that did not have my correct e-mail address, but it was somewhat close. That's why I suspect an address generating program is out there somewhere.

This would be far easier than getting the e-mail addresses from a web site or collecting them one by one from any source. By doing it this way, many will bounce, many will be invalid -- but many will be on target, too. Since the original mailing probably involved millions of e-mails, even 1% valid e-mail addresses is a lot for very little effort.

By eliminating the ones that are returned as invalid or bounce for whatever reason, they know which are good addresses and can keep them or sell them. A gardening spam would likely be sent to everyone -- knowing that only a small percentage of recipients would be gardeners. That's the way junk mail has always operated. The internet and e-mails have simply made it easier, faster, and cheaper to do this.

I use an e-mail program that I can bounce spam back and the return e-mail looks as if the spam was undeliverable.

Karen

WOW... I'd like that feature Karen! I do not respond with "unsubscribe" because I know that simply notifies them that the address is correct. Having something that suggests it is NOT a good address would be WONDERFUL!

In this case, you can easily see where they "scraped" the email addresses: http://www.perennialnursery.com/forums/memberlist.php?sid=696686557b5aaaa601558af055d34571

Oh dear!

Yep - what was undoubtedly designed to be a handy tool for members to communicate with each other, unfortunately also creates an easy means for someone to come along and scoop all those addresses into one big email.

Terry you quoted:

"the spammers could never glean anything about any person they dmailed, unless that person responded with personal information."

That is true, which is why people should be very aware. We know that many vulnerable people have responded to scams where they have lost a fortune. In the UK some older people have responded to phone calls telling them they have won a lottery, but to release the payment they needed to pay X amount of money, then they have to pay more for some other reason, and it goes on.

The last one I was aware of was operating from Canada, the victims had supposedly responded to a mailing (to their address) which entered them in a free contest. There was millions of pounds handed over, one man of about 70 who did not seem at all stupid had remortgaged his house and handed over at least £70,000, others handed over much more.

So my point here is that addresses can land you as a victim, and all those addresses had to be handled, sent out, they had to employ people to phone them, these scams are big operations and can bring in huge amounts of money from a few people so the time and effort does pay.

Another point here to show just how lists of names are sold. Our Government thinks it's OK to sell our names and addresses, from which advertisers can find your phone number and target you with calls to sell their goods. This happens when you buy a new TV, you are not told they will do this but you find out it happens when they send out a form telling you to purchase a TV license. I found out from someone else that you have to OPT OUT of this by calling your phone company, nice of them to opt you in without asking! Then of course the employees of companies can be people who place themselves in a job just to get information they can use, or sell on to others. Our Govt. also sells your name and address for a very small fee, £2.50 last I knew, to people who wheel clamp cars and charge a fortune for their release. These companies are allowed to even take pictures of a number plate if someone stops briefly to READ a sign about parking, (well who can read a lengthy parking notice while whizzing by), they position themselves just for that purpose, then contact the Driver & Vehicle Licensing, pay a small fee, send a huge fine to the 'offenders' and it's perfectly legal!

Sorry to get all steamed up here, but people really do need to be aware.

A few years back the State of Oregon Dept. of Motor Vehicles was going to make public on the Internet their searchable database of car license numbers, owners and their addresses. Can you imagine! Any potential stalker or pedophile would have been able to easily get the name and address of anyone just from their license plate number. There was a HUGE uproar here and the gov. finally dropped the plan. If I remember right I think the database was briefly posted, then taken down. Whoever thought it up didn't have a brain in their head!

Oh, my gosh, Pard, that would have been disastrous. Wallaby, that's just nuts about the parking zones.

Sometimes I think we are governed by nuts since making money has been the be all and end all of everything, and the Govt. wants/needs/will make money however they can get it. Our security and privacy mean absolutely nothing to them, it makes me wonder where it will all end. It's scary really! I don't mean to get political but when our personal security is at stake they need to be hung, drawn and quartered!

Your email will also get in the wrong hands when people forward your emails without removing your address and using BCC

I sometimes get emails with pages of forwards and I'll admit I look at some of those addresses just to see which ones come from businesses and that I've looked up some of those businesses.

One of my emails got to my boss's MOTHER! (So she looks too!) That was a bit of a worry for a few minutes LOL The person that forwarded it finally realised the importance of removing addresses. Some people are just too lazy

I got in the habit years ago of using only BCC. Some of the Emails forwarded to me from my MIL are hair-raising, they have over a hundred addresses . Her sister is a nun and I see her address on most of them (they all have email addresses at her residence). lol I sometimes gotta wonder if some of the stuff pops up in their in-boxes that shows up in mine.

Ha! Now there's an awful thought! LOL

My email program will not allow me to send it ONLY BCC so I frequently send to "myself" and list all the others as BCC. I am not fond of getting forwards but I do not want to tell my friends to NOT contact me at all so...

psychw2, I found out that Yahoo! email won't let you send to BCC only......never thought of sending to myself and then BCC everyone else. Thanks for the tip!

I have heard though, that they can still somehow get the emails from a BCC. Don't know how that is possible though.

Let's face it........................any person who is a computer genius can get whatever they want anyway. The reason I know is a short story I will share:

An out of town newspaper had a chat room where local issues were discussed. A family member who is CEO of a corporation was being trashed by unknown user ID's..............four men who people who disliked him intensely. I came on with a fake username and within the day one of them called me by my real name and identified my whole identity and my relationship to the person he was talking about. So....................................I got a computer whiz to find out who he was and it only took a half an hour to report to the newspaper editor who had outed me.

I loved it as the editor of the paper published who he was and what he did................and never mentioned my name or user ID......................he turned out to be an attorney whose mother is in the state legislature. He disgraced himself and his family.

Point of the story: cyberspace is never completely private but I will take my chances.........don't want to live in the past..............

OK, I just forwarded the message that I received. Then I read this thread and found the link, where sure enough I had signed up sometime in the past. Once again Dave is not the culprit in any way, shape, or form.

Thanks guys.

I don't put my Email address in the address exchange....If I want another member to have it then I will Dmail it to them. Jo

I do agree with George And Roadrunner as I don't put any of it in as hacker or spammer! I don't open email which is NOT know them...

doesn't your avast and other security measures catch any bad ones?...............at least the ones coming in don't have a virus...............and then I don't open either unless I know who it is.........................

Whoa, why do you keep on and on. It is clear where these people got their information. It was nothing mysterous. I and all of the rest naively put our e-mails in an area where anyone could read them. It has nothing to do with Daves, except that a number of DGers also visited this site.

Let it rest.