Fotopedia SPAM Update 1

I received some suspicious email from Fotopedia this week.  I wrote about it yesterday.  Here’s the short version of the events.  I am signed up for Fotopedia (a visual online encyclopedia with user generated content) with a unique email address.  I received an email last night from some folks at Fotopedia explaining the situation.  We’ve had a good conversation about what might have happened.  They sent email newsletters using iContact, and believe they were the victim of iContact’s  recent security breach.  This all seems plausible to me.  I removed the post because it was obvious to me this isn’t malicious.

They sent me some links about the breach.

http://localtechwire.com/business/local_tech_wire/opinion/blogpost/6961613/
http://www.otherinbox.com/2010/01/29/data-breach-at-icontact-deja-vu/
http://blog.maz.nu/post/352842080/suspected-icontact-breach

Suppose the same thing happens to you, what next?  Here is what I think you have to do.

  • Go public with your customers
  • Tell them that their email address has been compromised
  • Give users an opportunity to change their email address
  • I think you have to move email service providers if for no other reason than PR

This is a tough break that could happen to any sender through no fault of their own.  FYI, the email is coming from Bangalore.

I wish Fotopedia luck with this.

Here is the message header and the WHOIS of the real spammer.


Return-Path: <tiptoes886@infogeographics.com>
X-Original-To: fotopedia@redacted.com
Delivered-To: redacted.com
Received: from JGWJVCOG (unknown [114.79.167.70])
	by mail.otherinbox.com (Postfix) with ESMTP id AFEC09A0D9;
	Thu, 15 Jul 2010 04:53:39 +0000 (UTC)
Received: from 114.79.167.70 by infogeographics.com; Wed, 14 Jul 2010 21:52:50 -0800
Message-ID: <000d01cb23d9$93f6c6d0$6400a8c0@tiptoes886>
From: <fotopedia@3rdparty.ca>
To: <fotopedia@3rdparty.ca>
Subject: Blowout prices for all our designer wear
Date: Wed, 14 Jul 2010 21:52:50 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0007_01CB23D9.93F6C6D0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180


114.79.167.70 Whois Information 

% [whois.apnic.net[Who Is Domain][trace][Reverse DNS Search] node-2] % Whois data copyright terms http://www.apnic.net[Who Is Domain][trace][Reverse DNS Search]/db/dbcopyright.html inetnum: 114.79.167.0[Who Is IP][trace][Reverse IP Search] - 114.79.167.255[Who Is IP][trace][Reverse IP Search] netname: DVOIS-NET descr: D-VoiS Broadband Private Limited descr: Classic Net Network country: IN admin-c: DBPL1-AP tech-c: DBPL1-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-DVOIS-IN changed: [Who Is Domain][trace][Reverse DNS Search]20100203 20100209 source: APNIC role: D-VOIS BROADBAND PRIVATE LIMITED - network adminis address: No. 70, 2nd Floor, 9th Main, H.M.T. Main Road, Mathikere, Bangalore 560054 country: IN phone: +91-80-41137335 fax-no: +91-80-41137335 e-mail: [Who Is Domain][trace][Reverse DNS Search] admin-c: DBPL1-AP tech-c: DBPL1-AP nic-hdl: DBPL1-AP mnt-by: MAINT-DVOIS-IN changed: [Who Is Domain][trace][Reverse DNS Search] 20090506 source: APNIC changed: [Who Is Domain][trace][Reverse DNS Search] 20090506

One comment on “Fotopedia SPAM Update

  1. Pingback: Tweets that mention Fotopedia SPAM Update | Someupside - Email Marketing, Deliverability, Social Media and Some Such -- Topsy.com

Leave a Reply