PDA

View Full Version : The Obnoxious Consequence of Every Internet Purchase



David Weaver
01-24-2014, 12:30 PM
Several years ago, there were a few places that would spam you when you ordered something. As soon as they got your email address, you'd get endless streams of messages with things that you "had to see, because you won't be able to pass up this offer". Rockler comes to mind. You get a 20% off coupon sometimes, and then in between you get 9 emails about plastic junk that you just can't live without.

Amazon did the same thing, too, though their targeting was actually pretty good - they're good at sending you things you might like. I still opted out of it. Why do I want to buy something when I was rolling along without really having any interest in buying anything. Because of an email? No thanks.

It's gotten to the point now that every single thing you buy on the internet, no matter where you get it, you instantly get "offers" and you might get offers from related partners, even if you opt out of everything as part of the checkout process. When I have to go somewhere for work and make reservations, all of the sudden I get a bunch of junk mail shortly after about all of the different vendors' clubs or offers programs that I will be getting unless I opt out (which I do immediately).

Maybe I'm in the minority, but I'm not a fan. This past week, I've started getting spam messages from different places for software that I use on a regular basis. These are not something I bought recently, just something I'm a user on - I guess they have my email address because I'm a user and they could no longer resist. Of course, same thing "unsubscribe", but while you had to tank an email address every couple of years a decade and a half ago because the dirty picture and bank scammers would become too numerous, now it's a constant battle to try to unsubscribe to every single thing you get slammed on to just because you buy something.

I have started to send emails back to the places sending these emails letting them know my displeasure. To the vendors out there, if I can't reasonably avoid being spammed without having to unsubscribe after the fact (as in, if I opt out of everything at the point of the transaction and I still get garbage emails later), I will not patronize your business.

Rick Potter
01-24-2014, 12:54 PM
The one that got to me was when I found out Mom had Alzheimer's, and went to an Alzheimer's Association site to find out more info. I clicked on the link to give me more info, and within 10 seconds I had my very first spam messages. How low can you go, to take advantage of people when they are emotional, and desperate for information, then sell the info.

I still get angry after 10 years.

Rick Potter

Erik Loza
01-24-2014, 1:03 PM
I signed up for a Red Cross CPR class the other day and no kidding, get one to two unsolicited emails per day from them. "How are we doing?", "Take this survey", "Did you know?", etc. I'm afraid that if I unsubscribe, I may not get updates about the class though... :(

Erik Loza
Minimax USA

Lee Reep
01-24-2014, 1:03 PM
I recommend setting up another email account just for ordering. You have one place to look for tracking information, and all their spam goes to that account. I actually have three email accounts, which maybe is more of a curse than a blessing. The third is for giving someone in a store my email. Having an iPhone helps since I can easily check all my emails. Doing it from the PC is somewhat of a pain since the login is more clumsy. But, multiple accounts does help on the aggravation factor. Periodically I just go in and unsubscribe from the worst offenders. And some of these seem to take FOREVER to process the unsubscribe requests. Either Yahoo or Gmail make good secondary accounts. Yahoo has a better spam filter, I think, but that was based on making some changes a couple years ago.

The worst offender for me so far is Felder USA. I had to register on their website to get their pricing. Then I started getting email requests asking if I had any questions. Then their marketing guy left messages on our home voicemail! Twice! I decided not to respond, and see how long they would nag me. :)

Rich Riddle
01-24-2014, 1:15 PM
The worst offender ever for this is National Geographic. Cancelled the membership the first month because we started getting five or six calls daily from them or one of their vendors. Once you have a "relationship" with a company you are no longer covered by the "do not call" laws. The poster who indicated to have a junk e-mail account was spot-on. Otherwise you will get endless e-mail. Only time I open the junk e-mail account is when an order is expected. After seeing that e-mail on the screen, all the others are immediately discarded. Works great.

glenn bradley
01-24-2014, 1:25 PM
I signed up for a Red Cross CPR class the other day and no kidding, get one to two unsolicited emails per day from them. "How are we doing?", "Take this survey", "Did you know?", etc. I'm afraid that if I unsubscribe, I may not get updates about the class though... :(

Erik Loza
Minimax USA

I try to be very blunt (not nasty) in response to the "How are we doing?" sorts of emails. If companies don't get feedback they are operating in a vacuum. If their methods lead them to SPAM you, you should tell them so in no uncertain terms. Many folks use outside email services that justify their fees on the quantity of reactions to their emails they can quantify so, they tend to bury you. Call or email their customer (the one you are actually doing business with) and tell them that their email service is ticking you off.

David Weaver
01-24-2014, 1:25 PM
I signed up for a Red Cross CPR class the other day and no kidding, get one to two unsolicited emails per day from them. "How are we doing?", "Take this survey", "Did you know?", etc. I'm afraid that if I unsubscribe, I may not get updates about the class though... :(

Erik Loza
Minimax USA

Yeah, the nonprofits and charities are hard core into it, I guess because it costs a lot less than normal "relationship management" kind of business.

When you participate in anything charity for work, even if you're not the organizer, they always want you to register everything online - I guess because that makes information collection instant, and without any data entry or organizing. But probably also because they then have a list to knock on every couple of weeks.

But you know that you're going to get an endless stream of emails as a result of that signup, and they might share your information with someone else. If you signup through work, then you end up getting all of that in your work inbox.

David Weaver
01-24-2014, 1:31 PM
The worst offender for me so far is Felder USA. I had to register on their website to get their pricing. Then I started getting email requests asking if I had any questions. Then their marketing guy left messages on our home voicemail! Twice! I decided not to respond, and see how long they would nag me. :)

In my life, I can't remember ever one time calling any place that had a "call for price" listed. Back before the online vendors mostly sold at MAP, that was the norm for music supply houses. Most of them provide prices now, either MAP, or they must have special agreements. If I don't know the price, I won't order, and I'm not calling to get it. It would be different if they listed the price and told you to call to see if there were special offers.

I have managed (despite having basically two accounts, and none for spam) to get every single place that used to send me endless email offers on a daily or weekly basis to stop. I live 2 miles from rockler, but no longer get coupons from them because I opted out of all of their spam mailing, and now only go to the store when I need consumables like screws. I could save 2 or 3 bucks when I go for them with a coupon, but I'm not going to be distracted 100 separate times between those trips. It does tweak me a little bit that they want to offer coupons to get me to go to what is for me a very accessible store, but they can't manage to just offer the coupons without bombarding me with emails about plastic trinkets and carvewright demos, etc.

I hope at some point in the future, marketers use a little more discretion about what they do and don't send it. It should be offering something material that makes it worth reading, otherwise, folks are going to get fatigued and ignore all of it.

Steve Peterson
01-24-2014, 1:38 PM
I understand how you feel. I rarely buy anything from the spam emails. However, there are a few that I actually sign up for just to get the occasional sale notices. They get my business if they send at the rate of about once or twice per month. Anything more than that and they go to my junk email folder.

The ones that bother me are the opt-out flyers that show up in my real mail. Why should I have to pay for postage to send back the opt-out message?

Steve

Erik Loza
01-24-2014, 1:49 PM
...The worst offender for me so far is Felder USA. I had to register on their website to get their pricing. Then I started getting email requests asking if I had any questions. Then their marketing guy left messages on our home voicemail! Twice! I decided not to respond, and see how long they would nag me. :)


In my life, I can't remember ever one time calling any place that had a "call for price" listed.

Lee and David, that is actually the norm for direct-sale machinery companies (I worked for Felder prior to Minimax...). If you go to any industrial machinery dealer site, aside from factory promos or used machines, a customer is generally required to call or register their email and address in order to get pricing.

Erik Loza
Minimax USA

David Weaver
01-24-2014, 1:54 PM
Lee and David, that is actually the norm for direct-sale machinery companies (I worked for Felder prior to Minimax...). If you go to any industrial machinery dealer site, aside from factory promos or used machines, a customer is generally required to call or register their email and address in order to get pricing.

Erik Loza
Minimax USA

Yeah, I've noticed that. If I had a burning desire (and hadn't gone luddite), it would probably change to "only when I ordered a piece of commercial equipment". I always figured that with the big machines, as much as currency fluctuates, and as much as prices probably differ by the volume a customer buys, there's no way around it.

Val Kosmider
01-24-2014, 2:38 PM
Lee and David, that is actually the norm for direct-sale machinery companies (I worked for Felder prior to Minimax...). If you go to any industrial machinery dealer site, aside from factory promos or used machines, a customer is generally required to call or register their email and address in order to get pricing.

Erik Loza
Minimax USA

I respect the sellers need to protect their pricing information, and want to 'get' something (chance to make a sales pitch, phone number or email addy) for disclosing it. However, as a sample size of one, and with SO many competing options, I can count one one finger the number of times I have gone that route. There is more 'fear' associated with giving up one's privacy than there is 'potential joy' associated with having the pricing info.

It is sort of like when realtors want your contact info before they will disclose details on a property they have for sale. With a little digging I can see the info on ten other sites, and not have to endure the hassle of having to go through hurdles just to get a price/location or whatever.

While I am ranting...just get a business phone installed....they have no "do not call' list...the phone rings constantly with 'credit card processing' offers, software offers, payroll offers, and a host of security, cleaning and insurance offers.

Click.

I guess both things are a numbers game....send out a million hits, and get a handful of responses. Some knucklehead will buy just about anything, and they seem not to care (even the legitimate ones like Red Cross, or others mentioned above) about pizzing you off.

Then there are those web sites that won't let you 'go back' once you are stuck in their site. Yup, they are going to get a lot of business from me. Nope.

Some day a new mousetrap will come along and it will be like Tivo....you just fast forward through all of the crap they throw in your way--and they ALL Lose.

Scott Donley
01-24-2014, 2:46 PM
Last year I sent an E-Mail to every member of Congress about an issue important to me. One member from my state put me on his list, 2or 3 e-mails every week telling me what a great job he was doing in Congress . I tried to unsubscribe to it and it would not let me. I finally had to block his .gov site at my ISP
At least vendors let you unsubscribe.

Erik Loza
01-24-2014, 2:52 PM
I respect the sellers need to protect their pricing information, and want to 'get' something (chance to make a sales pitch, phone number or email addy) for disclosing it. However, as a sample size of one, and with SO many competing options, I can count one one finger the number of times I have gone that route. There is more 'fear' associated with giving up one's privacy than there is 'potential joy' associated with having the pricing info.

It is sort of like when realtors want your contact info before they will disclose details on a property they have for sale. With a little digging I can see the info on ten other sites, and not have to endure the hassle of having to go through hurdles just to get a price/location or whatever.

Val, I respect your feelings and you are certainly entitled to them but the manufacturers mentioned can get away with this for exactly the reason that you cannot shop around for their particular brand: You HAVE to deal directly (assuming we are talking about a new unit, not used on the open market...) with one of them in order to obtain it.

All that being said, it has been my experience that you are a lot less likely to get spammed by direct dealers such as these (I can tell you 100% that neither Felder nor Minimax/SCM Group would ever sell your email address to anyone...) than you are by buying some simple item online. For example, I will never email some random customer whose request was just for pricing, more than three or four times over the course of a year. It's the big online places that will spam the daylights out of you, not direct machinery dealers.

My 2-cents as always.

Erik Loza
Minimax USA

Garth Sheane
01-24-2014, 3:09 PM
I was getting a bunch of these spam emails at one time. Then I clicked on their option that told them to "unsubscribe" me from their email list. This worked for most of them, except SKECHERS (the shoe company). I had made the mistake of agreeing to receive their online promotions when I bought shoes in one of their stores. I won't do that again!

Andrew Fleck
01-24-2014, 3:25 PM
I recommend setting up another email account just for ordering.

+1. That's what I do. I have one email account for friends and family only, no exceptions. My other email is for purchases and when I have to give it out for some reason. I don't even bother opening any of the emails from solicitors. I just auto delete them. I gave up the fight of preventing unwanted emails. Now I just deal with them efficiently.

Ed Aumiller
01-24-2014, 8:42 PM
I use a program called "Mailwasher"... lets me preview if I want to, but normally just delete them on the server so they never get to me... Bing or Google it...

Steve Rozmiarek
01-24-2014, 9:49 PM
Ironically, I use gmail and I never get spam anymore. HOWEVER...

A couple weeks ago a couple delinquents got in a chase with the state patrol across the sandhills south of me, ending really close to my house. They were driving a subaru which I mentioned to a friend in an email. Now 90% of all the banner ads I see are for subaru. Not sure they would approve of the context of their ads, but its funny at least.

Brian Ashton
01-25-2014, 4:23 AM
Several years ago *SNIP*

It's much easier to have an email that they get the message… When an email address is required or I suspect scammer (which is all the time) I give them: Jambthespam@g… When they read it back they I often get an extended pause over the phone or if I'm in person they pull a face… I just deadpan them and say it's legit but I never log in… Or sometimes I just say no, you can't have my email because I don't want you spamming me or you selling my address to some idiot that will. Said that to a bank manager the other day and the look she gave me was quite comical - again I just deadpanned her.

Chris Parks
01-25-2014, 4:47 AM
Phone numbers are another source of annoyance. I like it when a company wants your phone numbers, both mobile and home and they get annoyed if you don't want to give them your mobile number or you don't have a mobile phone to give them the number of. The latter really gets them going as they cannot conjure up the fact that someone in this world does not have a mobile phone. As for spam email, a lot depends on the ISP, I never get spam emails at all which is one reason they get my money and I won't change.

Phil Thien
01-25-2014, 10:15 AM
Ironically, I use gmail and I never get spam anymore. HOWEVER...

A couple weeks ago a couple delinquents got in a chase with the state patrol across the sandhills south of me, ending really close to my house. They were driving a subaru which I mentioned to a friend in an email. Now 90% of all the banner ads I see are for subaru. Not sure they would approve of the context of their ads, but its funny at least.

That's easy, just send your friend another E-Mail telling them the back seat was full of naked women!

Curt Harms
01-25-2014, 11:30 AM
Phone numbers are another source of annoyance. I like it when a company wants your phone numbers, both mobile and home and they get annoyed if you don't want to give them your mobile number or you don't have a mobile phone to give them the number of. The latter really gets them going as they cannot conjure up the fact that someone in this world does not have a mobile phone........

I wonder if in the U.S. there are 'local' phone number that are like 900 phone numbers, i.e. they charge per minute. I'd give that out to people who ask for a phone number but seem to have no legitimate need for it. As it is, I just give them a totally off-the-wall number. 267-goaway or something less 'family friendly'.

Lee Reep
01-25-2014, 11:41 AM
Lee and David, that is actually the norm for direct-sale machinery companies (I worked for Felder prior to Minimax...). If you go to any industrial machinery dealer site, aside from factory promos or used machines, a customer is generally required to call or register their email and address in order to get pricing.

Erik Loza
Minimax USA

Well, then Felder is breaking their own rule. Their Hammer website looks almost the same, and you get the pricing directly. I didn't really explain fully. I visited the Hammer site, got pricing, and then went to the Felder site (mostly to understand what is different between the two lines). Then I got the notice to register to see pricing. I'm not really mad, I just find it a bit annoying.

Steve Rozmiarek
01-25-2014, 12:36 PM
That's easy, just send your friend another E-Mail telling them the back seat was full of naked women!

LOL! May throw in a couple other details just for fun too!

Brian Elfert
01-25-2014, 1:25 PM
I've not had as bad of luck as others with targeted mail from vendors. I make darn sure to uncheck any boxes about sending me emails. I'm still not sure how Rakuten (Buy.com) got my new email address as I haven't bought from them since well before I changed email addresses.

My mobile phone number is NEVER given to anyone unless there are like a repair service coming to the house or something like that, or for text messages/calls about credit card fraud. Normal vendors get my home phone that is rarely answered.

Kev Williams
01-25-2014, 6:16 PM
Spam by email doesn't bother me too much. Mostly because my email server adds [possible spam] in the subject line of whatever they think might be spam. I use outlook express, and have a mail rule and folder just for [possible spam]. It gets about 90%
of actual spam, what does get thru is minimal. Now, I DO have to check daily to make sure mail that ISN'T spam (I get maybe 2 per week)...

No, my pet nightmare, and I wish someone would pass a law, is FAXED spam. I've saved every spam fax I got for the past year, and it's over 500 pages. Vacation deals for all over the world. Endless life insurance plans. Don't miss the deadline to get in our Yellow pages. We'll borrow you money. Tons o' money. Lease from us. Bury your dead wife in our yard. You name it... And- :mad: the rub is, I HAVE TO PAY FOR THE PAPER AND INK TO PRINT THEM!!! Don't laugh, some printer ink works out to $26,000 a gallon...

I'm being forced to PAY for advertising I don't want. And don't you dare use the "remove" function. That's nothing more than an "oh yeah? Watch THIS!!" function that just results in MORE spam faxes. Seriously, would some lawmaker please make it illegal for these to fax me ads??

And lets not forget direct marketing by phone. 'nuff said...

Ty Williams
01-25-2014, 7:04 PM
This is one of the huge advantages to owning your own domain with your own email service. Let's say you registered the domain "example.com" for yourself. You can wildcard your email address so that anything that doesn't have an actual account matched to it ends up in default mailbox. So lets say you have Alice, Bob, and Charlie living in your family. Their addresses are, respectively, alice@example.com, bob@example.com, and charlie@example.com. If mail is explicitly addressed to any of those three accounts, it goes straight there. However, if mail arrives addressed to, say, sawmillcreek@example.com, it doesn't match any of the accounts, so it ends up wherever the default is. If Bob is the guy who runs the server, typically all the unmatched addresses go to Bob.

How does this relate to this thread?


Always keep "your" email address reserved for private email. Don't give it out to companies. When you have to give an email out to companies, give them company_name@example.com. So Powermatic gets powermatic@example.com, Festool gets festool@example.com, etc. This allows you two big advantages. First, if a company refuses to stop sending you email, you can just block that address. So if Jet doesn't let you unsubscribe, you just block jet@example.com and it all goes away. The second big advantage is if the company sells your email address or is hacked (VERY COMMON). You start getting spam addressed to, say, harbor_freight@example.com, you can know exactly who sold you out and who you need to give an earful to before you block the address.

This sounds way more complicated than it is and it's a HUGE help in dealing with modern communications.

Chris Parks
01-25-2014, 7:15 PM
That's an awesome idea, you know the source and it get filed by email name, a folder (sort of).

Myk Rian
01-25-2014, 10:16 PM
Phone numbers are another source of annoyance. I like it when a company wants your phone numbers, both mobile and home and they get annoyed if you don't want to give them your mobile number or you don't have a mobile phone to give them the number of.
Call Control app. I don't get ANY annoying calls. Political calls included.

Brian Ashton
01-26-2014, 1:10 AM
This is one of the huge advantages to owning your own domain with your own email service. Let's say you registered the domain "example.com" for yourself. You can wildcard your email address so that anything that doesn't have an actual account matched to it ends up in default mailbox. So lets say you have Alice, Bob, and Charlie living in your family. Their addresses are, respectively, alice@example.com, bob@example.com, and charlie@example.com. If mail is explicitly addressed to any of those three accounts, it goes straight there. However, if mail arrives addressed to, say, sawmillcreek@example.com, it doesn't match any of the accounts, so it ends up wherever the default is. If Bob is the guy who runs the server, typically all the unmatched addresses go to Bob.

How does this relate to this thread?


Always keep "your" email address reserved for private email. Don't give it out to companies. When you have to give an email out to companies, give them company_name@example.com. So Powermatic gets powermatic@example.com, Festool gets festool@example.com, etc. This allows you two big advantages. First, if a company refuses to stop sending you email, you can just block that address. So if Jet doesn't let you unsubscribe, you just block jet@example.com and it all goes away. The second big advantage is if the company sells your email address or is hacked (VERY COMMON). You start getting spam addressed to, say, harbor_freight@example.com, you can know exactly who sold you out and who you need to give an earful to before you block the address.

This sounds way more complicated than it is and it's a HUGE help in dealing with modern communications.


I've thought about doing a similar thing with gmail. making up an new address of the name and a few numbers and then setting that email up to forward on messages to a central email… Just need to be diligent enough to write down all the email addresses and have a single password for them all.

Brian Ashton
01-26-2014, 1:24 AM
Call Control app. I don't get ANY annoying calls. Political calls included.

Calls to cell phones down here cost a lot of money so it's pretty rare to get spam.

Unless your phone company sets up a scam where they send to talk n text messages from spammers. This technique allowed the company to skirt the do not call regulations and, according to the ombudsman was untraceable to back to the source - how convenient for telstra. Took me a while to sort it out. All of the phone calls to telstra had them denying they had anything to do with it but were happy to block the number responsible (which was by the time you phoned the number back was out of service, which made me suspect the phone company right away). But what finally made it undeniable was the messages were never picked up by telstras message system but were picked up by the phones message system itself, which never happened with legitimate calls. When I figured it out I ordered them to turn off talk n text regardless of them proclaiming their innocence. And low and behold the spamming stopped.

phil harold
01-26-2014, 9:02 AM
I recommend setting up another email account just for ordering. You have one place to look for tracking information, and all their spam goes to that account. I actually have three email accounts, which maybe is more of a curse than a blessing. And some of these seem to take FOREVER to process the unsubscribe requests. Either Yahoo or Gmail make good secondary accounts. Yahoo has a better spam filter,

I have three emails too it helps
but one thing to consider is Gmail, Hotmail an Yahoo are free (is anything free?)
They now take keywords out of your emails and then spam your browsers with adds pertaining to those key words
Adblock helps reduce the browser adds
Yahoo seems to have the best spam filter
I also use a non existing email like dontemailme@leavemealone.com
Some times opting out proves your an actual live email so they send ya more...

Ralph Butts
01-26-2014, 10:49 AM
One of the best things about controlling your own domain name is being able to create and delete emails as needed. I create specific e-mails for specific purposes. for instance amazon@mydomain.com. That way if the company or organization I am dealing with sells or uses my address to spam me I just either deactivate the address or delete it if I am done with the need. More importantly I know the organizations that sell or misuse the information making me a more informed consumer.

Jeff Erbele
01-27-2014, 12:31 AM
I have three emails too it helps
but one thing to consider is Gmail, Hotmail an Yahoo are free (is anything free?)
They now take keywords out of your emails and then spam your browsers with adds pertaining to those key words
Adblock helps reduce the browser adds
Yahoo seems to have the best spam filter
I also use a non existing email like dontemailme@leavemealone.com
Some times opting out proves your an actual live email so they send ya more...

Interesting, I find Yahoo is a spam magnet. There was a point where I vigorously responded to all unwanted email, with pleae unsubscribe. That compounded matters many fold.

I have my own domain set up for business thru Go Daddy with 10 email accounts. Of course it is a paid for service with a purpose, but with the side perk of rather effective spam filtering. There is little to begin with but if I mark something as spam it ceases from then on.

Ty Williams
01-27-2014, 3:11 AM
I've thought about doing a similar thing with gmail. making up an new address of the name and a few numbers and then setting that email up to forward on messages to a central email… Just need to be diligent enough to write down all the email addresses and have a single password for them all.

It is incredibly important that you do not do this!

Re-use of passwords on multiple services is one of the most lucrative attack vectors. Bad Guys (TM) compromise example.com and, as part of the heist, get your username and password and whatever information example.com has on you (name, phone, address, whatever). Now, they will try those credentials at other sites to see if you happen to be re-using passwords. It costs them very little to try and they might get very lucky if you, for instance have a password like daughters_name:sons_name at example.com and then use the same thing, or even a slight variation of it, at your bank. The last 18 months have been one HELL of a revolution in password cracking. The automated tools that now exist for trying variations of a theme are truly frightening. Any "clever" way to mangle a word or a phrase you can think of has already been automated and can try many thousands of variations a second against any other place they'd like to try to access your account.

Many security researchers and security specialists are now admitting defeat and saying humans are no longer capable of being responsible for their own accounts. They recommend using a password manager like 1password or LastPass. Basically, you have to remember a single really good, long, truly random password to get access to your password manager and after that, it remembers the username and password for every single site you log into. That frees you up to use very strong passwords like q#&Z2!ATIF9r because you never have to remember it. So each site it's own password like that that isn't repeated anywhere else. All you have to remember (or even write down) is a single super-strong password to get into your password manager.

Brian Elfert
01-27-2014, 8:21 AM
A catch all email address on a domain just means that email account will get every spam email. An email to abcfrw@domain.com will go to that mailbox and so will qwerdfd@domain.com and so on.

I have my own domain registered with Godaddy and hosted through Google Apps free version. I only get 10 accounts so I have to be fairly selective with my email addresses. I don't think it can do wildcard email accounts. I just use one email address for everything as it is easier that way. I can't remember the last time I got an actual spam type email using mail through Google. I do get a fair bit of bulk mail, but it is all companies I have done business with and some I signed up for the emails.

Brian Ashton
01-27-2014, 9:26 AM
It is incredibly important that you do not do this!

Re-use of passwords on multiple services is one of the most lucrative attack vectors. Bad Guys (TM) compromise example.com and, as part of the heist, get your username and password and whatever information example.com has on you (name, phone, address, whatever). Now, they will try those credentials at other sites to see if you happen to be re-using passwords. It costs them very little to try and they might get very lucky if you, for instance have a password like daughters_name:sons_name at example.com and then use the same thing, or even a slight variation of it, at your bank. The last 18 months have been one HELL of a revolution in password cracking. The automated tools that now exist for trying variations of a theme are truly frightening. Any "clever" way to mangle a word or a phrase you can think of has already been automated and can try many thousands of variations a second against any other place they'd like to try to access your account.

Many security researchers and security specialists are now admitting defeat and saying humans are no longer capable of being responsible for their own accounts. They recommend using a password manager like 1password or LastPass. Basically, you have to remember a single really good, long, truly random password to get access to your password manager and after that, it remembers the username and password for every single site you log into. That frees you up to use very strong passwords like q#&Z2!ATIF9r because you never have to remember it. So each site it's own password like that that isn't repeated anywhere else. All you have to remember (or even write down) is a single super-strong password to get into your password manager.


Ease up there a bit… Like I was saying in the post they're gmail accounts - they're disposable so who cares if they get hacked. I don't care if everyone in the world knows the passwords for the gmail accounts is password@1.

For anything that actually matters I have a book with all the passwords written down and all of them are nonsensical, contain numbers, lower and upper case letters, symbols and are at least 10 characters long…

So what do you do when you find out your password manager's encryption has been cracked? Sometimes old school is the way. Write it down in a book in pencil - something anyone under 25 probably has no concept of.

Erik Loza
01-27-2014, 12:39 PM
Interesting, I find Yahoo is a spam magnet....

This ^^^^

I administrate another V-Bulletin forum and 90%+ of all spammers seem to use a Yahoo account. A few are Aol.com and rarely, if ever, Gmail.

Erik Loza
Minimax USA

Jim Rimmer
01-27-2014, 12:57 PM
....you just fast forward through all of the crap they throw in your way--and they ALL Lose.

That is exactly what I do. I read the subject line and if it's a sales message, DELETE. Pop Woodworking and FWW are just about as bad as Rockler now.