Mail adresses used on this site, and only (exclusively) on this site (not only me, I know about two other cases), have started to recieve spam. What happened?

The spam (always the same), comes from "Walinda Textile lilewoo_md@yahoo.com.cn", and goes like this:
"Dear  Sir/Madam,
It is my pleasure to write you in respect of our Company Wujiang Wanlida Textile Co., Ltd.
Based No.6 The Third District Nanshan Road, Shengze, Wujiang City, Jiangsu Province. China. We are experts in the sale of Textile  materials; we export into the Canada/America and parts Europe. We are searching for representatives who can help us establish a medium of getting our funds from our costumers in these areas..."
and so on, a classic scam know as nigerian scam (we need someone to handle money for us, you'll get some, but you'll have to pay some unexpected expenses).
The question is, how have those scammers got hold of addresses only Renderosity is supposed to know?

Professional spammers only have about a gazillion different methods of getting their grubby little hands onto your e-mail address.  Not all of those methods involve hacking a website.

BTW - that sounds like a great deal to me!  Where do I sign up?

Funny, but the question is, how did they get their "grubby little hands" on an address specially created for Rendo, on private mail servers, and only used here?

Anytime that e-mail is used, it makes its way over many different servers before it arrives at its destination.  The e-mail address in question can be "collected" at any of those points along the way.  Not to mention that the content of the e-mail itself can be read by who-knows-who.

I've heard it said that e-mail is a postcard.  And the address on the card is not hidden from anyone who bothers to look at it.

Encryption might help to keep the contents of an e-mail private.  But I know of no way to encrypt an e-mail's address -- outside of spoofing an account or else zombifiying other machines.  In which case the e-mail address hasn't been encrypted -- it's just been stolen.

I got one of these today myself and posted a thread about it prior to seeing this one.

I set up an email address specifically to be used for my account here at rendo.

how is it possible for a spammer to obtain our email addresses if they are hidden without someone hacking this site?

How to get a email adres ... well 1000.000 ways without hacking this site..
Even when you made a email adres specialy for this site ..
That will not say that your emails to and from this site can not be rerouted to other servers not in control by R'O.
Simply your ISP can use a router server that is using a leaking system..

For a example : i had some email adresses with Tiscali.. Tiscali is a REAL big ISP in the world.
Now i get email "spam" true a tiscali server Tiscali.IT ..but tiscali cant help that and its not even tiscali who is sending them true to me...

So before you say R'o is hacked or leaking or what ever you try to tell ...check that you know enough of the technical mater to state this kind of things..

R'O leaking the emails is like killing your golden chicken...
R'O being hacked ... well i think when that is the case we will get noticed within a Hour...

Chris

EDIT and i forgot ..maybe you got spyware on your computer ....

Quote - Anytime that e-mail is used, it makes its way over many different servers before it arrives at its destination.  The e-mail address in question can be "collected" at any of those points along the way.  Not to mention that the content of the e-mail itself can be read by who-knows-who.

This is how  points up at quoted section.

When you receive an email, or ebot, etc., it starts...let's say on a Rendo machine.
Then, it journeys to the local ISP (if you're lucky).
Depending on where in the world you are from there, it could hit hundreds of places before it gets to you.
And, those hit points...they don't have to delete your email if they don't have a policy to do so (most ISP's, in fact, don't).  

However, yes, it is possible (though not probable) that someone hacked rendo simply to spam people.  In any case, just flag the email as spam, and delete it.  Because, in all reality, it's only a matter of time before they create viable "autodialers" for emails.

When I moved here (North Carolina) I had to get a new ISP (Cable).

I had to create a username and password.

That username became my e-mail address...(Username@newisp.net) because it was required by my ISP to set up my Broadband Service

But I've had my own domain since....what...1998?...maybe 1999? (I've moved from Maryland...to Connecticut, then to NC in that time...yet my E-mail address has remained the same)

So I didn't need that e-mail address from the ISP...so I NEVER used it...Not once did I send an e-mail through that account, nor did I use it to sign up at any site.

I never even gave that e-mail address to anyone(Verbally or Non-Verbally)...It only existed because my ISP required it to set up my internet service.

But it is set up in Outlook, although It doesn't really need to be...I just keep it alive in the event my ISP decides to send me information regarding my account...(after all.."THEY" are the only ones who have that address...Right?)

So that ISP account gets checked along with every other e-mail account I have set up such as "My" domain e-mail addresses...and some client's account's (Webmaster@Clients_domain.com for example.) and filtered appropriately to their respective folders.

But guess what?...even though I've never used my ISP provided e-mail address... Never Sent, E-mail from it...Never used it to sign-up at any site...nor verbally / non-verbally gave it to anyone...."I Still Get SPAM sent to that E-Mail address"...And have since I was "required" to have it in order to get service over 3 years ago.

So...here is an e-mail address..that was "NEVER USED"...yet still gets SPAM.

SO...as mentioned by many in this thread...there are thousands of ways for your e-mail address finds it's way into a spammers database.

Perhaps the other possibilities should have been researched further before posting the question. 

The title of this thread, even though phrased as a question, is a bit "Sensationalistic" IMHO.

Tom

Sorry for multiple edits to that last post...Font sizes and typefaces took on a life of thier own for some reason.

Tom

Well it does seem odd that the same email is going to those of use who have created email addresses that are only used on this site for ebots and stuff.  I have had 2 of these today - never had a problem with spam on my 'rosity exclusive' email before

Dear  Sir/Madam,
It is my pleasure to write you in respect of our Company Wujiang
Wanlida Textile Co., Ltd.
Based No.6 The Third District Nanshan Road, Shengze, Wujiang City,
Jiangsu Province. China. We are experts in the sale of Textile 
materials;
we export into the Canada/America and parts Europe.
We are searching for representatives who can help us establish a medium
of getting our funds from our costumers in these areas as well as
making payments through you to us.
Please if interested in transacting business in view helpings us, so
our clients could make payment to you being a representative for us we
will be very glad and compensations will be given and as well as other
benefits.
Subject to your satisfaction you will be given the opportunity to
negotiate your mode of which we will pay for your services as our
representative/agent in Canada, America, and Europe.
BELOW IS OUR COMPANY HEADQUARTER
Wujiang Wanlida Textile Co., Ltd.
         If interested forward information below to us
1.FULL NAMES:                         2.RESIDENTIAL ADDRESS:
3.SEX:                                4.AGE:
5.PHONE NUMBER:                       6.FAX NUMBER(IF ANY):
7.OCCUPATION:                         8.COMPANY NAME:
9.COMPANY ADDRESS:                   10.NATIONALITY:
11.PRESENT COUNTRY:                  12.STATE/PROVINCE:
13.Zip Code:

 Reply to Company:lilewoo_md@yahoo.com.cn

Note that no form of payment will be requested upfront in this
endeavor.
On our receipt of the above details we shall forward to our
customer/clients to immediately contact you with the mode of payment.
Kindest Regards,
Mr.Lile Woo,
Company Directors.

So before you say R'o is hacked or leaking or what ever you try to tell ...check that you know
enough of the technical mater to state this kind of things..

Well, I probably know enough given it's with computers and networks that i make my living and finance my Poser addiction. And that's over 10 years I'm doing this; So I probably know as much, if not more, than most people here.

Anyway, before we drift OT to "mine is bigger than your's" type discussions - my question is:

How comes several different people, using different domains (most private), recieve the same day the same spam mail on the address they only use for Renderosity mail?

• The relay server? Nope - would be different for each victim.
• The ISP? Nope, we're not speaking about ISP or Hotmail type adresses.
• The (always possible) spyware? Well, for one person it would be possible, yes, but here we got several different people, all having recieved the same spam the same day. Quite a coincidence, isn't it.

And Hawkfyr, I admit the title is made to catch attention. Because, while I don't really care if my Renderosity address is spammed (I can make a dozen new ones in the time it takes to telnet to my mail servers), if (that's an "if" (means I'm worried, in case people didn't notice)) there is a problem with Renderosity, it could mean much worse thing than just recieving a chinese 419ers e-mail.

I have had 2 of these today

gillbrooks, thank you. Makes 5 cases of people who recieved the same spam mail on a Renderosity-only address today.

Spyware, huh?
Well, I wonder what spyware can be trimmed to steal Renderosity-specific addresses only...

Yep, a rendo exclusive email address that is not on any readme or given out to anyone.

And as has been pointed out by several already -- there are lotsa ways for 5 people to get the same spammer's e-mail.  Ways which have nothing to do with the website being hacked.

I wouldn't jump to conclusions.  Certainly not off of the example of 5 people out of 1000's.  Those Nigerian scam e-mails have managed to find their way into the mailboxes of millions.

I once had an e-mail account which was somehow spoofed by spammers.  I knew because I started receiving rejected mail back -- mail which I had never sent out.  Usually mail advertising stuff.  Needless to say, I canceled that account.

And as has been pointed out by several already -- there are lotsa ways for 5 people to get the
same spammer's e-mail. 

Yes, XENOPHONZ, it has been "pointed out", but not explained. Still waiting for an explanation which actually tries to explain something, and which goes further than the good old "it's you computer"... :-D

I don't jump to conclusions, I just try to understand; If I was jumping to conclusions I would be phoning my bank, killing my credit card and waiting till the decontamination crew has gone through the site...

But the coincidence is disturbing. One account can be compromised. But (at least) five? No, it's not the usual "spam happens" explanation here.

you got 'Shotgunned'

the spammer's gone onto an unsecured mail server or their own, with a little program that sends out the spam to a@a.com. a@b.com etc etc etc until say zzzzzzzzzzzzzzz@zzzzzzzzzzzzzzz.com

they got you on the way thats all... they don't care if the account is actually in existance.. the bounces hardly ever get back to them anyway. don't cost them anything to send a few million emails at a time...

Another way for spammers to get your address is to legitamately purchase it. They buy a list which was purchased from a site who purchased it from a site who bought it from Yahoo or Hotmail.
After all, one of the biggest assets for sites like Yahoo, MSN, and Hotmail is their list of active, real e-mail addresses. If they can get even 5 cents per e-mail, they could probably get $200,000 or more... which always makes the accounting people very happy.

the spammer's gone onto an unsecured mail server or their own, with a little program that sends
out the spam to a@a.com. a@b.com etc etc etc until say zzzzzzzzzzzzzzz@zzzzzzzzzzzzzzz.com

Could have been, but in this case wasn't. Because I administer 6 domains, with as many spam filters (and a minimum of a score users in each), and nobody else than my Renderosity address got this specific spam. But - Other people, strangers, on other servers, on other domains, got the same mail, but also only on their Renderosity account.

So your explanation reads "with a little program that sends out the spam from a@a.com to z@z.com, only if the resulting random address is valid on Renderosity". Quite a clever proggy, isn't it...

No, there are 3 points which make the whole thing look strange:

• Only Renderosity accounts.
• Same spam
• Same time

ok your in a bad mood. fine. but please take out one someone else, I just love attitude. sorry for trying to help.

Another way for spammers to get your address is to legitamately purchase it. They buy a list
which was purchased from a site who purchased it from a site who bought it from Yahoo or
Hotmail.

Yes, you're right of course, but please, people, read the question before replying... sigh

We're speaking about private domains, owned and managed by the users themselves (at least in 3 of the 5 cases), not about some Hotmail accounts. I'm quite sure I didn't sell my private domain's e-mail addresses to anybody, and I can say as much for two others.

ok your in a bad mood. fine. but please take out one someone else, I just love attitude.
sorry for trying to help.

I am indeed in a bad mood, and I apologise for it. But I am submitting a problem to the general community, and all I get is answers which tend to prove that nobody reads what I wrote.

Yes, I know the 1001 ways to get spammed. What i want to know is why Renderosity-only adresses got this spam.

Quote - Another way for spammers to get your address is to legitamately purchase it. They buy a list which was purchased from a site who purchased it from a site who bought it from Yahoo or Hotmail.
After all, one of the biggest assets for sites like Yahoo, MSN, and Hotmail is their list of active, real e-mail addresses. If they can get even 5 cents per e-mail, they could probably get $200,000 or more... which always makes the accounting people very happy.

Mine is not a yahoo/hotmail addy either - it is renderosity@mysite.com 
'mysite' being one of the 5 domains I currently own.

well, before you go off the handle, rty, I have 3 non-Rendo email addresses, that are used only for specific clients, that got that spam message.
So, no, I still don't think that rendo got hacked. 

Attached Link: http://www.renderosity.com/homepage.php

I've got the feeling that the only answer which will satisfy here is:  "Yes!  Renderosity got hacked!  Let's all panic together now!"

Spam don't bother me none.  It just goes into the "Junk" folder.  The spam comes in such a myriad of different ways that I'm not going to kick off by making assumptions about the source -- or about how they obtained my e-mail address.

Now if strange charges from Brazil or Thailand start appearing on your CC -- I'd say that then you'd have something to worry about.

Quote - Did you know that from the artist homepages anyone can send you an email?  It could be that, or many other possibilities.

Yes, there is that possiblitly - so I have just created a new email account on one of my other domains and changed it in my profile - so if I continue to get these spam mails to my old rosity email address it would rule that out.

If Rosity got hacked for its email addresses you would  think they would use more than five to send spam to.

I'm sure they're sending to many if not all, but how many people here use the same email for everything?  They wouldn't notice because they no doubt get spam from everywhere else.

There may be more than 5 people - not everyone subscribes to or reads forums.  There are probably onloy a small number of people who create specific accounts for use with this website only.

Also, further to my last post - I'm getting ebots to my newly created address now, but I am STILL getting those spam messages to my old account - the latest being telling me I've won the lottery.  Therefore, this discounts the idea that someone is spamming us through the 'send email' option on this site.

"
so if I continue to get these spam mails to my old rosity email address it would rule that out."

erm no... flawed logic there old chap. they have that address.. so they'll keep spamming it. so, getting emails to that address only proves they are still spamming.. not that they used the Send Email option... (if they used the send email option, not using it, proves they ain't been to your profile yet...)

Quote - "
so if I continue to get these spam mails to my old rosity email address it would rule that out."

erm no... flawed logic there old chap. they have that address.. so they'll keep spamming it. so, getting emails to that address only proves they are still spamming.. not that they used the Send Email option... (if they used the send email option, not using it, proves they ain't been to your profile yet...)

I was replying to the suggestion of spammers coming to this site and using the send mail option on artists homepages and as that now sends to my newly created account then I am correct and it does rule out that possiblity.  They could not have got my address by using the send mail option - that was my point.

Ooh, and I ain't that old and certainly not a chap LMAO!!!

I have 3 non-Rendo email addresses, that are used only for specific clients, that got that spam
message.

Email adresses from private servers you manage yourself, or ISP addresses? Many ISPs (may their souls burn in hell) resell their client's adresses...

I've got the feeling that the only answer which will satisfy here is:  "Yes!  Renderosity got hacked!
  Let's all panic together now!"

No, the only answer which will satisfy here is one explaining that coincidence. The "hacking" headline was just to attract attention, as I said; I don't believe it.  It's more likely a case of an intern misusing the client e-mail database or somesuch; I've already seen this.
I don't believe Rosity might have the stupid idea selling it's client's database, as that would be shooting their own leg - with an RPG (that's a Rocket Propelled Grenade, not a Role Playing Game...).

As about you people not minding spammers - You are apparently quite new to internet. We'll talk again when you reach the point of recieving several hundred spams/day, and you have to invest thousands of dollars in hard & software to keep your company's e-mails halfway useable... Spam severity always increases, as spammers exchange their victim's adresses (which makes that you might recieve the same spam a dozen times in a row, if your address was included in a dozen CDs).  Once an address is compromised, you can only delete it and create another.  :-/

Or, you can quit freaking out about spam, get a spam filter, or just delete it. 

Here's the thing.  I know at least 6 guys that work in IT.  They all complain about work when we hang out...then again, who doesn't? ...anyway, spam is usually not among their big complaints of  server and/or speed drainage.  It's usually the idiot in Finance who's been playing Neopets all day, or the lady in collections who forwards 90 emails a day. 

as for my addresses...one is a web-based email, one is a private server-based email, and the final is the email address housed at the client where I'm working for the next few months.  None of them have ever had anything to do with renderosity, and I've gotten both emails listed here. 

So, my theory?  IT's just another spam going around.  Delete it, move on, and you'll have lower blood pressure.

Or, you can quit freaking out about spam, get a spam filter

I have 2: One on my mail servers, one on my computer.    :-p

Well, then I don't know what to tell you.  Looks like you have a problem either way.  In that case, it must suck to be you, to have THIS big of a problem with spam.

Aw c'mon, I'm asking if someone has an explanation for a strange and disturbing problem, and all I get is replies like "it's normal", "you're just an idiot", and "get over it".
Nobody even tried to understand what the issue is.
No it's not spam.
No, it's not hacking.
No, it's not me being  stupid.
Sorry for having posted it in the first place; Feel free to delete that thread.

Yes, it sucks indeed to be someone who believes in "Community"!

Have a good day.

Ok, so maybe a rephrase? 
You come in, your title says that you suspect rendo was hacked.  People pointed out that it has nothing to do with rendo, and that it's general, every day spam.
So....what is the answer you're looking for?  Maybe, if we knew that, we'd be closer to your answer.  But, like most of us have said, it's spam.  You can either dwell on it, and eventually (if you don't already) need medicine for stress and/or blood pressure, or, you can delete it, and get on with your day.  It's an annoyance.  But, freaking out about it, as if Rendo has any way to combat spam on a global level, is like using a 9mm to get rid of flies.

Quote - Ok, so maybe a rephrase? 
You come in, your title says that you suspect rendo was hacked.  People pointed out that it has nothing to do with rendo, and that it's general, every day spam.
So....what is the answer you're looking for?  Maybe, if we knew that, we'd be closer to your answer.  But, like most of us have said, it's spam.  You can either dwell on it, and eventually (if you don't already) need medicine for stress and/or blood pressure, or, you can delete it, and get on with your day.  It's an annoyance.  But, freaking out about it, as if Rendo has any way to combat spam on a global level, is like using a 9mm to get rid of flies.

No one is 'freaking out about it' except you.

What the majority here don't seem to understand it is that an email account that under no circumstances should be available for 'harvesting' is receiving spam.  THAT is the issue.
I have been using the same email account here for some years and until 2 days ago had never had anything come into it other than ebots and newsletters, plus the odd mail from vendors using the 'mail all buyers' option.

I know which of my accounts to expect it on - and with some getting hundreds PER DAY I am used to dealing with it.

And, I don't think anyone is disputing that, Gill.  No email address should be susceptible to harvesting.  And, at no time, did I freak out.  So, read whatever you want into my posts.  All I said is that I have 3 email addresses, all of which have NEVER had anything to do with rendo, receive that email.  Disputing the assumption that it was, in any way, rendo's fault.
So, yeah, Gill, I understand.  Spam is annoying.  It's like a zit on your ass.  Sitting in here, complaining that it's potentially rendo's fault not only does nothing to solve the problem, it has nothing to do with the problem.  You can either overreact to spam, or you can delete it and ignore it. But, saying that the rest of us are putting you down, overreacting, or 'net newbys because we don't freak out at spam...it's silly.  We understand that you're frustrated.  But the orignal post wasn't "Don't you understand that I'm frustrated???"  It was "ok, I got spammed, and somehow, Rendo's involved!!!"  So, for those of us who look at spam realistically, and not as a personal affront to our nethood...yeah, we roll our eyes, and post to the contrary.
The email we all got, it was a new version of the Nigerian Scam email.  Congratulations, it was probably a newish one.  Is it rendo's fault?  Nope.  So one is trying to negate the fact that you're frustrated.  Go ahead, be frustrated.  It's your right as a human being.  I choose not to be frustrated over spam.

I've had that same email go to several other addresses - all of which get spam on a vast scale and I fully expect it.   None of those addresses are anything to do with rendo - they're probably on the same list that my now changed rendo was on that has been harvested or sold.

I'm not freaking out because I got spam - I'm merely pointing out that there is no way the spammers could have got that address.  

I don't get spam on the accounts I created to use at DAZ,  Poser Pros or RDNA, nor the general 'shopping' email  I use for my groceries, CD's and other nicer goodies from anywhere else.

I DO get spam on any I have listed on my web pages, those that are listed on certain wallpaper sites and the ones that have been in previously submitted readme's before the rules on that changed.  I expect that.  I use mailwasher and have done since I had my first website - it's a neccessity.

I'm not being arsy with anyone and don't want to make any enemies over this.  It's just that the point that I and several others are trying to get accross isn't making it

***"So your explanation reads "with a little program that sends out the spam from a@a.com to z@z.com, only if the resulting random address is valid on Renderosity". Quite a clever proggy, isn't it...

No, there are 3 points which make the whole thing look strange:

• Only Renderosity accounts.
• Same spam
• Same time"***

"Only" Renderosity accounts?...I think it's been mentioned that "Others" get that spam on non-Renderosity account's.

"-Same Spam/Same Time" simply tells me that the spam was mass deployed and it would only make sense that it would be the "Same Spam" at the Same Time. To expect  otherwise would imply that the spammer took the time to "Personally" E-mail  that spam to his/her list, one at a time.(Not Likely)

"I apologise for it. But I am submitting a problem to the general community, and all I get is answers which tend to prove that nobody reads what I wrote.

"Yes, I know the 1001 ways to get spammed. What i want to know is why Renderosity-only adresses got this spam."

"Nobody"  Read what you wrote?

Although I agree that many times,people reply before "Really Reading" the post(s) they are replying too.

(I call that the "Fire,Aim,Ready" Reply)

But I think in this case, most did, (For example...I noticed the "question marks"(???) in the title, thus being sure to not say you were making declarations of Rosity being hacked, but rather inquiring that as a possibility)I tend to re-read post's (sometimes several times) before replying to make sure I'm understanding the post correctly.

Perhaps we can examine a nutshell version of the thread

Your Initial Post (A question...not an accusation) Essentially read as follows:

Subject: Leaks - Renderosity got hacked???

Mail adresses used on this site, and only (exclusively) on this site (not only me, I know about two other cases), have started to recieve spam. What happened?

Followed by a clip of the spam and your knowledge of how it's a classic.

The question is, how have those scammers got hold of addresses only Renderosity is supposed to know?

Then in your second post...you reveal these are "Private Mail Servers".**

More Replies followed with possible explanations,and a question from matrix asking "how is it possible for a spammer to obtain our email addresses if they are hidden without someone hacking this site?"

(Xenophonz, Bar-code, and JenX specifically offered up evidently "Unacceptable" possibilities)

Then my story of how an address "Never Used" manages to get Spam,followed by a nod in agreement to those who mention that there are thousands of ways to end up on a spam list and my "Opinion" (See"IMHO") as to how further research could have been done prior to posting, as well as a mention of the "Sensationalistic Nature of the title.

Your next post addresses several of the prior posts attempting to explain possibilities.

Also... mention that you work in the computer industry and how you probably have more knowledge than most people here.

STOP:...okay..What was your motivation for starting this ( admittedly "Intentionally" sensationalistic ) thread?

If your opinion is that "You know more than most people here" why then post publicly at all?

After all, it would be a waste of time asking "The Membership" to solve such a riddle...

Wouldn't it be more appropriate to e-mail a Site Administrator, and/or possibly the site Programmer?

Maybe getting together with the handful of others this is happening too, in the interest of ruling out possibilities,

and/or perhaps finding a "Common Element" that points to a possible "acceptable" reason this is happening.

That is...if it was truly your motive to seek "Help" and  come to a "Reasonable, Acceptable Understanding" of why this happened.

Perhaps it's because "I'm worried, in case people didn't notice"

Anyway..moving on... You list a few reasons as to why the replies from those "taking time to help you, on limited information, given piecemeal as the thread progresses" are not acceptable solutions.

***"- The relay server? Nope - would be different for each victim.

• The ISP? Nope, we're not speaking about ISP or Hotmail type adresses.
• The (always possible) spyware? Well, for one person it would be possible, yes, but here we got several different people, all having recieved the same spam the same day. Quite a coincidence, isn't it."***

Now...for someone who is as educated as you, and "Probably" knows more than most  others here. Don't you think you would have provided more information in your first post?. Such as your "Experience" as well as other information regarding the research listed above, or that you have already done, that is only revealed in drips and drabs?...That certainly would have ruled out possible reasons as to why this is happening (according to your research), as well as saved those "Trying To Help" time, by not posting "Non-Acceptable" possibilities.

Then...More Post's mentioning that there are thousands of scenarios that could be causing this.

Khai then provides another possibility, An application designed specifically to acquire possible e-mail addresses (whether they exist or not)

Followed by another post from you shooting those down as a possibilities. (More research and knowledge on your part that could have been provided originally to again" save those "Trying To Help" time, by not posting "Non-Acceptable" possibilities.

Your next few posts shows frustration that nobody is "Reading" your questions, nor are they providing an acceptable solution as to why this is happening.and the question again "What i want to know is why Renderosity-only adresses got this spam."

Then...JeniferC "CEO of Renderosity" steps in to offer up a what could be considered, a quite plausible reason, as to how these E-mail address's may have ended up on a spammers list.

NOTE: this could have, and probably has, happened to more people than only the handful of "Known Cases"...My Opinion is that those handful, are the only ones to have noticed it, because as mentioned...People have different ways of managing spam, and  may not have noticed it happening to them. For example...I set up "Rules" in my E-mail reader to handle spam....when one comes through...I immediately make a "Rule" that states that when an e-mail comes in from this domain (and/ or other criteria), "Delete it from the Server", that way..it never even gets downloaded.Thus...I wouldn't even know if or when I got that Spam.(Unless I went to my domain control panel and sorted through history logs, but...I simply am not that passionate about it to do that).

Your next Post...Doesn't even mention that what "JeniferC "CEO of Renderosity" posted. (So...Who's not "Reading" Whom?)

But you did  say  "The only answer which will satisfy here is one explaining that coincidence."

You also managed to imply that a less than scrupulous person that has access to the Renderosity Database is behind this.

"It's more likely a case of an intern misusing the client e-mail database or somesuch;"

.(Such a Dirty Rat...We knew there had to be some kind of conspiracy behind this)

So...is it your intent to have "The membership" (You know...Those whom You, have superior knowledge over) provide for you an acceptable answer?

Shall we go over the thousands of possible scenarios one by one until it's "Acceptable" to you?

Is there a particular reason you ignore totally "the only post"* *thus far, by a Representative of Renderosity?

(And not just "Any" Representative.)

"Nobody even tried to understand what the issue is.

2 Pages of "Nobody even Trying"?

Well consider This Post is my effort of "Understanding what the Real issue is".

**
Yes, it sucks indeed to be someone who believes in "Community"!**
You mean that community that most of which"You Know as much,if not more, than"?

I know I've asked several questions in this thread,but really only want to know the answer to one.

So I'll ask it again...

What was your motivation for starting this ( admittedly "Intentionally" sensationalistic ) thread?

Tom

Quote - Did you know that from the artist homepages anyone can send you an email?  It could be that, or many other possibilities.

That is very clearly not what is happening, because when one sends email via a homepage form here, the email has blatant headers that show it came from renderosity - unlike these spams, which are extensively forged, and contain no forwarding history from Renderosity.

Received: from www.renderosity.com (unverified [66.18.106.212])
 by bondware.com (SurgeMail 3.8f3) with ESMTP id 9274214-1804893
 for xxx@xxx.net; Sun, 18 Feb 2007 18:50:07 -0600

I too think it is likely that the breach came from here.  Do I need to change my credit card number, or only my email address?

Cherry picking from your huge summary, much of which I don't care about and frankly causes me pain to look at:

Quote - Then...JeniferC "CEO of Renderosity" steps in to offer up a what could be considered, a quite plausible reason, as to how these E-mail address's may have ended up on a spammers list.

Not plausible at all, it's off the mark as a passing glance shows (doesn't anyone test any damn thing any more?)  Jenifer probably should have checked this before offering it up. 

Think about how painful it is to write.

To expose one (Or several) of trying to sensationalize something, while at the same time, wasting the time of "Everyone Involved".(except for those participating in the Sensationalizing that is)

Yeah...we agree on something...It's painful to look at alright.

I ran a test by sending an email to myself via my profile page.

The picture attached is the header I received.

I was going to go check out my E-mail logs to check out the E-mail history...to see who the recipient was.....but..cha know what?...It's clear that Either "We" are the ones being scammed in this thread, or it's legit, but no explanation will suffice, and any help goes un-appreciated..

Either way...I've decided It simply isn't worth my time to help solve anymore.. Especially to those who have no interest other than conspiracies, and have no appreciation of those attempting to help.

So....I've lost interest in playing the game...

Figure it out yourselves.

Tom

Oops..Forgot to Add:

Let's suppose that my Subject  Read:

Someone has replied to"Leaks - Renderosity got hacked???"  on Renderosity.com

And the Body read:

This is a notification that hawkfyr has replied to the thread "Leaks - Renderosity got hacked???" in the Community Center forum. Click here to view this message or here to visit the forum.

You can edit your options here. You can also unsubscribe from this thread directly by clicking here.

Would you surgically go through the Properties of an E-mail like this automatically?

Is it "Possible"You might not notice the From: and  To: in the header?

Or would you simply click on the link to go see the reply?

(Well...we know you might not rush to see a reply from "Me" as this Mock E-Mail suggests, but lets just say it said "This is a notification that rty has replied to the thread......)

After all..these are "Dedicated" E-mail addresses...Specific to Renderosity....why would one feel that it's anything but a legit E-Bot at first Glance?

Tom 

I set up an email to be strictly used with my account here and others have to are receiving this same Spam. what I suggest renderosity to do is investigate this thoroughly.

Quote - I ran a test by sending an email to myself via my profile page.The picture attached is the header I received. 

No sir, that is not the headers, it is merely the to: and from: fields.  The headers would resemble more along these lines (although note I have obscured my own email address and IP/domain info):
Return-path: xxx@xxx.net
Envelope-to: xxx@xxx.net
Received: from xxx.xxx.net ([999.999.999.999] helo=xxx.xxx.com)
 by xxx.xxx.com with esmtp (Exim 4.51)
 id 1HIwjm-0005E0-45
 for xxx@xxx.net; Sun, 18 Feb 2007 19:50:38 -0500
Received: from xxx.xxx.net (xxx.xxx.net [999.999.999.999])
 by xxx.xxx.com (MOS 3.8.2-GA)
 with ESMTP id BDP17855;
 Sun, 18 Feb 2007 19:51:52 -0500 (EST)
X-Commtouch-Virus-Threat: Unknown
X-Commtouch-Class: Unknown
**Received: from [66.18.106.211] ([66.18.106.211:35041] helo=mail.bondware.com)
 by xxx.xxx.net (ecelerity 2.1.1.13 r(14827M)) with ESMTP
** id C7/B7-08371-844F8D54 for xxx@xxx.net; Sun, 18 Feb 2007 19:50:36 -0500
**Received: from www.renderosity.com (unverified [66.18.106.212])
 by bondware.com (SurgeMail 3.8f3) with ESMTP id 9274214-1804893
**  for xxx@xxx.net; Sun, 18 Feb 2007 18:50:07 -0600
Date: Sun, 18 Feb 2007 18:50:09 -0600
To: xxx@xxx.net
From: "xxx@xxx.net" xxx@xxx.net
Subject: test
Message-ID: f003c4405f1b41e054571433e577b5d0@www.renderosity.com
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="b1_f003c4405f1b41e054571433e577b5d0"

"Would you surgically go through the Properties of an E-mail like this automatically?"

So...I suppose you are paranoid enough to.

Fair enough.....No help for someone that paranoid as to check the "Properties" of each and every E-mail they receive.

You Win.

8 )

Tom

"I set up an email to be strictly used with my account here and others have to are receiving this same Spam. what I suggest renderosity to do is investigate this thoroughly."

My Point Exactly... Why would one take it to "The Membership" to investigate a problem...only Renderosity can solve?

Unless they had another motivation.

This Thread reads more like a riddle, in which the one asking the question,already knows the answer,but reveals clues and information along the way,

Tom

Quote - My Point Exactly... Why would one take it to "The Membership" to investigate a problem...only Renderosity can solve?

 

Tom

exactly, but they've locked the thread which I started on Friday and all I posted was:

"has anyone received SPAM today that resembles this?"

I indicated nothing about hacking when I originally posted, but it's a strong possibility just like
it's a stong possibility that they have someone in their employment who doesn't have high integrity.

had this been an email address that I'd had for five years I wouldn't think anything of it, but I set up this account on December 26, 2006 and for the sole purpose of using here. I don't use it for anything else , nor have I given it out to anyone.

the original intent of changing my address had nothing to do with spam, but I wanted to have my weekly newsletters go to specific email accounts and not the same one. one for daz and one for here.

Ah...the Poser forum...no wonder I missed that one. Although I check it from time to time,It's not one I check regularly.

Thanks for the Link...I just read it...Now "That's" a typical "Fire, Aim, Ready" thread...

Were you wondering why it was locked?

I have "Special" E-mail accounts too...I don't think anyone is challenging the intent of having them...but to expect that they are somehow invincible to being discovered, is simply a lofty expectation.

And as we all know..."A Disappointment,is only an Unfulfilled Expectation". 

Tell me...When you receive an E-Bot...do you click on the link? (See "Router's" theory)

Do You know if your domain has "Catch All" enabled by default?

Someone could send an E-mail to hawkfyrisanasshole@mydomain.com, and I'd still get it. ( Oh Gawd...Now I need to make another "rule"....lol)

This could go on forever.

But it's typically the "Accuser" who has the Burden Of Proof.

Tom

Quote - My Point Exactly... Why would one take it to "The Membership" to investigate a problem...only Renderosity can solve?

You know, that applies equally to your own posts.  Maybe you should quiet down and let the site admin team answer this.  At the very least ease up on the rudeness and melodrama, this isn't a friggin soap opera.  I'm concerned about my credit card info, not counting coup with you.