Ameritrade Spam Again - news.admin.net-abuse.email

Message from discussion Ameritrade Spam Again

hcl...@gmail.com

View profile

More options Aug 16 2006, 10:12 am

Newsgroups: news.admin.net-abuse.email

From: hcl...@gmail.com

Date: 15 Aug 2006 15:12:18 -0700

Local: Wed, Aug 16 2006 10:12 am

Subject: Re: Ameritrade Spam Again

  Forward
  | Print
  | View thread
  | Show original
  | Report this message
  | Find messages by this author
  

Funny, exact same thing happened to me. I have two TDAmeritrade
accounts, both with addresses that are IMPOSSIBLE for a brute-force
program to figure out. Both addresses were created on my own domain
name, using words that can be found in no dictionary, and used ONLY
ONCE EVER--to sign up for the account.

I receive spam almost daily. The spams are all the same--a set of
random words (to confuse and sabotage heuristic filters), and an image
(with a 'hot' stock tip on a GIF image to circumvent spam filters).

It is obviously happening to a lot of us. Unfortunately, enough people
(especially with Ameritrade) are gullible and have so little financial
knowledge that they will fall for it. It's the old "pump and dump"
scheme.

I complained to Ameritrade. A service rep told me to "e-mail the FROM"
address. The rep (and whoever is scripting the rep) obviously has no
clue that the FROM address is among the easiest things in an e-mail
header to forge.

Based on all the other conversations on the Web about this, it is
apparent that Ameritrade has no intention of taking this seriously. I
wonder if they are part of the scheme? It's definitely something the
SEC should really look into. They are no doubt benefitting from it.

If any lawyer is reading this and would like to put a class action suit
together, I'm in. I am getting nothing from Ameritrade's customer
service.

Thomas wrote:
> Update on this thread from December:

> http://groups.google.com/group/news.admin.net-abuse.email/msg/1de050b...

> I just changed my original unique Ameritrade email address which was
> getting spammed, to a new unique email address, on my first account on
> 7/6/2006, and on my second account on 7/14/2006.

> Today (7/28/2006) I received a spam at this new address. It is not an
> easily guessed address (aaaaaa-aaaaa-aaa@ourdomain, where a's are
> letters, some random). My machines have not been compromised by
> viruses. The answer is Ameritrade is leaking them, in my opinion.

> I complained to them again today, and within 10 minutes I received a
> form letter response concering Ameritrade's privacy policy, as if that
> is what I am complaining about. (NOWHERE does it tell me they divulge
> my email address to raunchy spammers.) I believe their is an employee
> selling our information, or a security leak at ameritrade. No one seems
> to believe me, but the thread I referenced above should make someone at
> Ameritrade wake up before someone with more time than I have decides to
> get serious, legally.

> I have decided to perform an experiment. I have just updated my
> ameritrade addresses to a set of 47 random characters, drawn from a
> 38-character pool (a-z, 0-9, dash, and period). Based on how slow
> someone would have to check addresses to dictionary attack our server,
> it would take 10^68 YEARS to guess this new email address if you ran
> through every permutation.

> That takes care of the idea that it might be spammer guessing my email
> address.

> I have also taken precautions to make sure this email address never
> ends up on my computer system. It is only stored in our secured mail
> server.

> That takes care of the idea that it might be a virus divulging my email
> address.

> Add to that that I have a hundred other unique addresses used with
> other companies, which are NOT being spammed.

> I will update this thread when I receive a spam at this new address, if
> only to amuse myself, as Ameritrade seems willing to wait until they're
> cutting a check for damages.

Forward