Have AWeber Been Compromised Again???

126 replies
Let me start off by saying that I'm a massive fan
of AWeber and recommend them highly to others.

However...

It seems that their systems may have been compromised
again.

You may remember the previous AWeber compromise
back in December 2009 when subscriber data was
accessed by spammers.

Here's the Warrior Thread from that time:

http://www.warriorforum.com/main-int...mpromised.html

And here was AWeber's response back then:

How We’ve Addressed The Recent Data Compromise

Since that time, I've been hyper-paranoid about
giving out my e-mails to any lists I join - regardless
of what autoresponder service provider is used.

If I sign-up for a list, I always create a unique
e-mail address for the particular list that I only
use to subscribe to that list.

For example, if I join Joe Blogs newsletter, I'll
create a unique e-mail address of joeblogs@example.com
in my cpanel and then subscribe with that.

Well, this morning, I've been inundated with spam
to e-mail addresses that I have only used to join
lists managed by AWeber or AWeber Private Labels.

Some of these e-mail addresses were only created
in the past month and have only been used with
AWeber or AWeber Private Label managed lists.

Here are the typical subject lines of the spam:

Your Federal Tax Payment ID 0103574805 is rejected. Urgent Report.
We Decline Your Federal Tax Payment ID: 0103761189.
Your Federal Tax Payment has been rejetced in system.


And the supposed sender e-mails end in @eftps.gov

Again, these are only being received to e-mail
addresses uniquely created and housed within
AWeber and AWeber Private Label servers.

Anyone else experiencing this too?

P.S. My sites are well protected and I use passwords
with at least 14 characters generated by RoboForm
so I don't think it's my systems.

The reason I think it's AWeber is because only the
unique e-mail addresses created specifically for the
AWeber managed lists are receiving spam.

I'm open to being wrong which is why I'm asking the
question if AWeber have been compromised again.

Dedicated to your success,

Shaun
  • Oh no... It seems to be a reason for the warning given in this thread http://www.warriorforum.com/main-int...ml#post2739893
    • [1] reply
    • I've just done some deeper research into the 32 e-mail
      addresses suddenly receiving spam, and here's what I've
      found:

      All 32 of the e-mail addresses are housed within AWeber
      or their Private Labels.

      26 of the e-mail addresses are unique and were only used
      to subscribe to the AWeber managed lists.

      The other 6 e-mail addresses are housed within AWeber
      and have also been used elsewhere.

      Anyone else finding this too?

      Dedicated to your success,

      Shaun
  • Hmm, let's see.

    I have an email address from an obscure domain that I only use for testing a sales process that includes only Aweber as the AR service, and now (today) I get this specific spam email multiple times...

    Yes, it looks like the 'think tank' has let it happen again.

    Very distressing.

    Thanks,

    John
  • Shaun,

    I didn't have to look that far. The address I am getting that specific spam mail to is ONLY used for testing a sales process that is using Aweber as part of it. Not used anywhere else. I set up the address just for this purpose, so yes, I think you are on to something. And, it just started this morning.

    At least I can dump mine and set up another one.

    Thanks,

    John
    • [1] reply
    • Same here.

      I create a unique e-mail address each time and then
      forward it to GMail. Fortunately, GMail is filtering all
      of these e-mails into spam.

      But the audit track is there because unique e-mail
      addresses have been used.

      I've sent a support ticket into AWeber alerting them
      of the findings.

      Dedicated to your success,

      Shaun
      • [ 1 ] Thanks
  • Hey Shaun

    Yep I just sent out a warning email to all my subscribers. I am pretty sure that aweber has been hit again and whoever did it must have been really good! Because aweber have some pretty tight security from all regards according to an ethical hacker blog that I read often. How bad has it hit you Shaun?

    Josh

    The Crazy Email Professor
    • [1] reply
    • Because I use unique e-mail addresses for each new
      subscription, I can simply delete the unique e-mail
      address and then create a new unique address that
      forwards to my main address. Or, just let GMail filter
      them into spam.

      However, my main concern is for my own subscribers for
      lists that are housed within AWeber as many people use
      their main e-mail address for many subscriptions.

      I don't know how widespread the compromise is as of yet.
      Hopefully it's only a small percentage of AWeber lists and
      list owners that are affected.

      Dedicated to your success,

      Shaun
  • Hey Shaun

    I have sent in a ticket as well and notified my agent there and she said they are getting right on it and looking into it

    Josh
    The Crazy Email Marketing Professor
  • That is really bad news. If this gets confirmed, how can Aweber expect us to trust them?

    This can bring them down.
    • [1] reply
    • Everyone and anyone can get hacked - sadly, it's a fact of life.

      There are things that can be done to prevent it, but, if you're putting your customers' email addresses in the hands of a third party - there is always a risk of a breach.

      In the same way that there's always a risk that the mailman could steal your mail, the checkout girl could swipe your credit card through a cloning machine etc.

      The only way to protect your customer data 100% is not to collect any at all.

      I'm sure Aweber are doing everything they can to ensure their systems are safe - but they can only guard against known exploits, hackers will always develop new exploits.

      Ever heard of a WP site being hacked? Does that mean you'll never use WP again?
      • [ 4 ] Thanks
  • I also use unique email addresses and can confirm that I have just started receiving spam today on about 6 different email addresses.

    There has certainly been a compromise.
  • Hey Shaun

    Yeah I do know what you mean.

    I have quite a loyal list and they notified me that they have been receiving a lot of spam of late, as I send out a broadcast about how much spam I receive daily. I was alarmed when I saw my survey stats come back that in the last week people were getting 20 more spam messages per day than the week before. That was my first alarm; the second was my account that now is getting over 100+ spam emails, which my VA is having a field day sorting through and finding out exactly which email it came from, as I have a similar system to your own, Shaun, after the first time aweber got targeted.

    I have sent out some free gifts to my list and notified them of the "Possible" outbreak of spam and how they can filter it.

    Also I hope you are correct and that it is only a small percentage and hopefully they are targeting the bigger lists as they would have been smart enough to take the precautions we have in case this happened again.

    @Fernando Veloso I doubt this will break aweber as they have been through it before and I am sure they will survive it again, without really anyone knowing in the public. The scary fact is that this could happen to any autoresponder company and not just aweber, because there are some very smart hackers out there that are unstoppable.

    I would be interested though to see how it does affect the brand.

    Josh

    The Crazy Email Marketing Professor
  • Not sure it's related but I have noticed lots of Viagra spam this morning to addys that don't normally get spam.

    Used for Aweber sign ups but not uniquely.

    Hope it's not true.

    David
  • Yes Shaun, getting them too. Whether or not it's Aweber, I have no idea.

    But if it looks like a duck and quacks like a duck...well...you know.

    PS - I love Aweber too but sheesh.
  • Not again..... This is not good for Aweber.
    • [1] reply
    • Hmmm... This is odd.

      I haven't gotten any to tagged addresses yet, but I had about 60 of the EFTPS spams, and in the past hour it seems to have all changed to pharma spam. The strange thing is the volume. It's way more copies than one would expect to any single address normally.

      It's coming in now at the rate of about 3 or 4 per minute. All from a botnet. That's NOT normal.


      Paul
  • Now that you mention it - something else with aweber...

    For the last week or so my number of optins has dropped off about 25%. All of my subscribers come from PPC ads. The ads are in the same positions, the bids are the same and yet the number of subscribers/day has dropped off 25% to 30% per day.

    I don't know if it's related but could be that ALL of the confirm messages are going to SPAM box now?

    Just a thought...
    • [1] reply
    • I have noticed the same thing; my opt-ins have dropped slightly also. I hope it's not related.
  • Back to EFTPS, and a lot faster than I had thought. Like 45 of the same email in the past minute. This isn't a normal spam run.

    Assuming this does involve a compromise at Aweber, two things seem most likely. It's being done with a badly broken bot or it's a direct attack with them in mind.

    Still nothing to tagged addresses, so I'm not convinced yet.


    Paul
  • Folks, do me a favor? If you're getting this stuff to tagged addresses, PM me the URLs where you signed up, or the names of the lists you used the addresses for?

    Got a hunch. It could be wrong, so I don't want to say anything publicly yet.


    Paul
    • [1] reply
    • Paul, do you still need this now that we know Aweber did get hacked? I've got a fair few newly-spammed one aweber sub only addresses. I'll sort 'em if it's still useful but won't bother if it's not.
  • I just started getting the pharm emails - about 1 a minute
    • [1] reply
    • I'm getting the badly misspelled tax payment delayed emails and lots of Viagra spam to one email that I rarely use to sign up for any lists. I'm scared to go look at the other two that I specifically use to sign up for emails...lol.

      I don't know what the "tagged" means, but on this email, the spam is all addressed to one of my PayPal emails.

      Tina
      • [2] replies
  • Look out! Not just Aweber. I am getting the "Your Federal Tax Payment ID 010...."
    emails and the addy used was not hacked from Aweber.

    Hugh
    • [1] reply
    • Is that to a totally unique e-mail address that's not been
      used anywhere else?

      If so, where did you use the e-mail address?

      Of the 32 of mine getting spam, 26 are totally unique and
      only used in AWeber. The other 6 are not unique but have
      been used in AWeber and elsewhere.

      Dedicated to your success,

      Shaun
  • [DELETED]
  • You mean Katya, 21 y.o doesn't actually want a man to have a strong family?

    I'm truly disappointed. lol.

    Over the last 5 days I've been getting the cycle between the tax, pharma and katya emails - unfortunately I haven't used tagged emails - but I think I'm going to start using them for subs. At least that way I can ditch them when the spam begins.

    Good idea.
  • The tagged addresses most of you are talking about are easily guessed. I have gotten two spams so far to an address that's NOT easily guessed and exists only on my newsletter list.

    I am now convinced.


    Paul
    • [1] reply
    • My emails are certainly not guessable, they look like a34JK23Lw1@snkemail.com - The email service sneakemail.com allows you to generate random email addresses for each service and tag each one with the name of the service. When you receive an email, the display name is shown as the service so you can always see who sent the email.

      There is zero doubt that awebers database has been compromised.
      • [1] reply
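The distinction drawn in the two posts above (a plain per-list address such as joeblogs@example.com can be guessed, a random one cannot) can be built into the addresses themselves. The following is an added example, not part of the thread: each subscription address carries a keyed tag, so spam arriving at a valid tag points at the list that held it, while hits on the bare name stay weak evidence. The key, domain, function names and sample recipients are all assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac
import re
from collections import Counter

# Assumptions for this sketch: the key, the domain and every function name
# are hypothetical; the recipient list below is constructed sample data.
SECRET = b"constructed-demo-key-not-a-real-secret"
DOMAIN = "example.com"


def slug(list_name):
    """Normalise a list name into the readable part of the address."""
    return re.sub(r"[^a-z0-9]", "", list_name.lower())


def tag(list_slug, secret=SECRET):
    """40-bit keyed tag (8 base32 characters); not derivable without the key."""
    mac = hmac.new(secret, list_slug.encode("ascii"), hashlib.sha256).digest()
    return base64.b32encode(mac[:5]).decode("ascii").lower()


def address_for(list_name, secret=SECRET):
    """Address to hand to exactly one list, e.g. joeblogs.<tag>@example.com."""
    s = slug(list_name)
    return f"{s}.{tag(s, secret)}@{DOMAIN}"


def classify(recipient, issued_slugs, secret=SECRET):
    """Return (verdict, list_slug) for one spam recipient address.

    leaked    : the tag verifies, so the address was only ever known to that list
    guessable : names an issued list but has no valid tag (dictionary guess)
    other     : not one of our per-list addresses at all
    """
    local, _, domain = recipient.strip().lower().rpartition("@")
    if domain != DOMAIN:
        return ("other", None)
    s, dot, got = local.partition(".")
    if s not in issued_slugs:
        return ("other", None)
    if dot and hmac.compare_digest(got.encode(), tag(s, secret).encode()):
        return ("leaked", s)
    return ("guessable", s)


def attribute(spam_recipients, issued_lists, secret=SECRET):
    """Count spam hits per list, keeping strong and weak evidence apart."""
    issued = {slug(name) for name in issued_lists}
    leaked, guessable, other = Counter(), Counter(), 0
    for rcpt in spam_recipients:
        verdict, s = classify(rcpt, issued, secret)
        if verdict == "leaked":
            leaked[s] += 1
        elif verdict == "guessable":
            guessable[s] += 1
        else:
            other += 1
    return {"leaked": dict(leaked), "guessable": dict(guessable), "other": other}


# Constructed sample: lists we subscribed to, and envelope recipients of spam.
ISSUED = ["Joe Blogs Newsletter", "Acme Tips"]
SAMPLE_SPAM = [address_for("Joe Blogs Newsletter")] * 3 + [
    "acmetips@example.com",           # bare list name: could be a guess
    "acmetips.00000000@example.com",  # wrong tag: could be a guess
    "info@example.com",               # role address, never issued
    "someone@elsewhere.test",         # not our domain
]

if __name__ == "__main__":
    print(attribute(SAMPLE_SPAM, ISSUED))
```

Only the "leaked" bucket supports a conclusion about a specific list; the "guessable" bucket is the case raised above, where the address could have been produced without access to any subscriber data.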
  • I just got the tax spammed message to my own list tagged email. Something is going on here. Hope Aweber can get on top of it soon
  • Yes, getting deluged with those to our test e-mail we use
    to seed an Aweber list.

    That and pharma stuff, both to aweber seeding e-mails.
  • I have had about 12 of those emails today alone sent to 1 email address.

    I would be surprised if they were unaware of the problem and can fix it however, these spammers ALREADY have my email address. If they wanted to sell it on, I'm sure they could.

    How can they FIX that..? Perhaps most of the damage has been done.
  • This is pretty discouraging news. I JUST moved my list from Constant Contact to AWeber ...

  • Have AWeber Been Compromised Again??? YES. I can confirm that many (17 approx) of the new unique addresses I created to replace addresses compromised in Dec09 have been spammed starting on the 18th with the Tax Payment Spam and "Girls will be happy!" and "it would be super!" At first glance this spam does not seem to have gone to any addresses that weren't created to replace the compromised AWeber ones. They are crap at security then? I'm not a list owner, just signed up to various lists that AWeber hosts. Great pity we can't get compensation for the aggravation caused, they didn't seem very bothered last time (not even a mention on the front page of their web site).
    • [1] reply
    • Yep, I've been getting spam to 10 different tagged addresses given to 10 different aweber customers.
  • I am getting loads of those emails too. But I am 99.9% sure some of those email addresses have never been entered into an aweber list by me.

    I use Infusion and some of the email addresses they are coming to are only used there.

    I wonder if this is more than aweber. It could either be Infusion or my host as well.
    • [1] reply
    • Okay. This is weird.

      I've gotten hundreds of those to one address. I've gotten two each to a couple of addresses that are only on one list (mine). I'm wondering now if this isn't going to be one of each spam for each subscription.

      The EFTPS stuff started around the first week of October, in preparation for the last day to file taxes for folks who'd filed under an extension. Got small amounts then, but only to the usual addresses. That part of the spam load was normal.

      The tagged stuff happened today for the first time, and it's all part of one big flood.

      Nothing yet at the Yahoo or Hotmail boxes I use for testing. And only a small handful at the Gmail address at which I get a lot of my subscriptions. Looks like the content filters will have gotten it figured out, and the DNSBLs are still behind, which is to be expected with bot spam like this.


      Paul
      • [1] reply
  • Yep, tidal wave of spam today... I had deleted a few hundred by lunchtime!

    One factor in common - All of the email addresses hit have been used on Aweber. I'm absolutely certain that is the root as this includes addresses we only use for testing our Aweber webforms.

    The problem is compounded by multiple copies of the same spam email being sent. So as a temporary measure I have set our server to delete all known spam emails upon receipt at server...

    The joy of it all!

    M
  • Yes, I was wondering who to blame this on. Good thing I read this; I was about to give someone a phone call and rain down hell on them. It would have been an oops moment, but now I can see where this is definitely coming from, because the only connection to the spam was that both email accounts were at one time associated with that vendor mentioned earlier (allegedly):
  • Giles, it won't make any difference to a lot of people how Aweber responds, because they're set in their thinking on the issue already. For example, LB described it as "inexcusable."

    It's a problem, definitely. The question, at least to me, is could it have been avoided by reasonable precautions that weren't taken, or was it beyond the ability of a serious security audit to prevent? Without knowing how it happened, there's no way to sensibly answer that question.

    When this happened last year, it was followed fairly closely by a similar issue with another ESP. These were on the heels of security breaches at the DoD, the CIA, Google, and a number of other large IT firms. In very recent news, a chunk of Microsoft IP space was being used to provide nameservice for a bunch of phishing domains.

    There is no such thing as perfect security.


    Paul
  • Oh FFS...

    Just what I need. This is a tremendous cock up right now. I'm not blamin' AWeber.. I could just do without this crap, my current workload is enough to make me want a 9 - 5....

    It's gonna be a LOOOONG night.

    It's times like this that I wish I didn't have so many ******* segmented lists.. gonna have to check/mail to them all... and it's one day of mailing that is guaranteed to lose me money instead of making more..


    grrrrr ¬¬¬¬¬!Wewivlnlwrvinqe;vkhq;ovwl.vinwlr;iv rhvo;qiwgov;qjig !!!!!!!
  • p.s.

    Anyone who is blindly pointing the finger at AWeber.. needs to take a running jump... Safety and security of information is an illusion, it can and does happen to anyone. Regardless of size.
    • [ 4 ] Thanks
    • [1] reply
    • Unfortunately, you are right, Yay.

      Already the fourth day that I get such messages (tax, viagra, watches, pharma, just name a few kind). First day I got 13, next 29, yesterday 69, and today 116 arrived into a certain email address.

      It's weird and annoying. I will cancel that email address today and put up a new one. Nothing else I can do about it, unfortunately.

      Let's make something productive.

      All the best,

      Sandor
  • Got several dozens of those annoying EFTPS emails too. I didn't know what was happening until I read this.
  • I deleted over a hundred of the pharma ones this morning - all filtered out by Gmail, but annoying none the less. Thought I had just got snagged by a spammer, but looks like I had better check my lists - thanks for the heads-up
    • [2] replies
    • Yep! Me too. Hundreds of Pharma Spam and the tax spam, all from my aweber email address. Damn! What a mess. Should I leave Aweber or not, that now becomes the question.
    • I hate ME TOO posts, but ME TOO!

      11 of 20 email addresses I use for IM email got this same spam. I am off to delete those addresses.

      Maybe this is a good way to pare down the number of newsletters I get.
  • Thanks for this. I didn't know about the earlier breach in Dec09 and when I started getting loads of spam to unique email addresses on my spamarrest.com account I assumed I had been careless somehow on facebook or Gmail and had been hacked. Today I started getting the spam on just 2 unique email addresses used for subscribing to email lists. Now I know it's not my fault! Thanks.
  • Hi all,

    We're looking into a possible data compromise and will be sharing any findings after we complete our investigation.

    I'll return here to post, but you may also want to subscribe to our blog or follow us on Twitter to stay in the loop.
    • [ 4 ] Thanks
  • Our email guys have a catch all account they use to monitor for abuse. They noticed a very significant spike in pharma spam being sent to email addresses specifically signed up on Aweber addresses.

    Security is a top concern at all ESPs including Aweber. I know Justin will confirm the details that everyone is buzzing about. It's important to remember that security is a moving target and no company or service is completely immune to attack.

    Hope this wasn't as severe as the previous one. Thanks for your rapid response, Justin.
    • [ 1 ] Thanks
  • Yes, I am new to internet marketing and I have 150 subscribers in my list.

    I have 3 addresses of my own and I got the same email 3 or 4 of them today.
    • [1] reply
    • Yeah. 8 or 9 pharma spam for me too. But I delete spam all the time without thinking about it. I don't see the big deal. But that's just me, of course. Woo gMail.

      But since I'm paranoid. I blame it on the Gov. They want email to be unsafe so they can ban it. Just kidding. I'm a joker. Really. No kidding.
  • Had a chat with my Rep at Aweber and they said they are getting onto it and looking into it, Have not heard anything back yet but when I do I will be the first to post here.
  • Hi all,

    We've just posted about this on our blog:

    Email Subscriber Data Accessed; What We're Doing About It

    If you have any questions, please give us a call or an email:

    877-AWEBER-1 or +1 215-825-2196
    http://www.aweber.com/contact-us.htm

    Thanks for your patience while we investigated the issue. I'm sorry this occurred.
    • [ 6 ] Thanks
    • [1] reply
    • Thanks for dealing with this issue so promptly and openly (with
      Warriors anyways).

      Remember that a data compromise can happen to any company
      online - even banks.

      I think that this time, AWeber have responded more swiftly
      than the last intrusion, and they've also posted on this thread
      to keep Warriors informed.

      Sometimes, these un-intended mistakes happen in business.
      What's important is how a company responds to challenges
      like this.

      Dedicated to your success,

      Shaun
      • [1] reply
  • Justin,

    I agree with Shaun, however...

    Though I appreciate that you have responded and apologised on your blog and via this forum, as an Aweber customer I would respectfully suggest that you have not been as open as you could be.

    ...yet.

    Yes, via the control panel of Aweber a user can see the blog posts... but I'm wondering how many users actually notice that. And of course, not all Aweber users are WF readers...

    May I suggest an email to customers and/or a more obvious statement on the control panel.

    I realise this revelation of data theft could be a major blow when considering your relationship with your customers... but the theft of data (even if only with the intention to spam people) is a very serious issue.

    Mistakes and problems do happen for all businesses ...but it is times like these that the truly great suppliers have a chance to shine, should they choose to act beyond the call of duty.

    Just a thought,

    Michael
    • [1] reply
    • Hey Shaun,

      I too, received "ET tax" and "pharma" spams too, but not only through Aweber subscribed lists but I also see it coming through my Hostgator Cpanel emails...my reseller customers are getting them too. So, it's not specific to Aweber, I'm afraid.

      Funny that my Yahoo, Google and Hotmail email accounts haven't been affected yet.

      I'm not going to "freak" this time and keep Aweber and just keep going. It's a fact of life I'm afraid.
  • So once again your customers have not been contacted about this directly and you've disabled comments on that blog post. (of course you'd just not approve them anyway...which is what happened anytime I politely offered an alternative view to one of them)

    Man up Aweber.

    I guarantee you (based on my own experience) that right now your customers are getting cussed out and threatened with lawsuits by people who have had their emails stolen. Many people use emails like listname.name@domain.com so they know exactly which email was the problem and they are used once per list.

    It's not fair that you don't even have the decency to notify your customers directly via email and expect them to look at your blog.
    • [ 3 ] Thanks
    • [1] reply
    • It says on the aweber blog:

      "While most of them (referring to subscribers) will not notice any changes to their inboxes as a result of this incident, we take that trust, and what has happened, seriously."

      Does this mean business as usual? Am I in the "minority" who are receiving dozens of Watches spam emails?

      On the contrary, my yahoo email subscribed to aweber doesn't seem to get much of those spam emails.

      Would be great to know if yahoo, gmail, hotmail or any other email accounts have been spared from the attack.

      Thanks!
      • [1] reply
  • That's quite hilarious (well, not really!) but I searched for some info pertaining to the use of Aweber, and you just described what I received in the way of email, to a Tee! I just received about 20 of these in the last 24 or 48 hours. The only thing I could think is I just installed a new Microsoft Office 2007, and the Outlook is not yet setup like my old email program with its set of "no-no" words and phrases!

    And yes, I have been using my common email address in Aweber, which I'll change.
    • [1] reply
    • I have received substantially more 'watches and Pharma' emails to virtually all of my email addresses over the last week or so, particularly over the last 48 hours. Some were directed to accounts associated with my Aweber account, the majority were not and were received in other of my email accounts.

      I am not suggesting that there is or is not a problem with Aweber, but I do feel that the classic human failure of mass hysteria may be starting to surface in some areas of the thread.

      All problems can be solved and resolved.

      Just my thoughts,

      Jeff.
  • Rough situation for everyone, I have had about 10 to 15 offers for nice rolex watches today, anyone want a great deal on a rolex...

    It is frustrating, when you're a victim of data that is not in your direct control it is a risk you take when you use a hosted service, still, on the positive side, at least they have posted about the issue, that is at least something...
  • I know that many have suggested the same thing, but I use a 'dummy' email acct when I fill out optin forms that I am just 'curious' about. Sometimes, if you sign up to just get the free info, software, or tip you will get emails from that person for a lifetime, and some will email you every 3 days. Now imagine if you filled out a couple of boxes just cause you were curious. I use a secondary email setup and then I can pick and choose what I read and care about. I know that you can also 'unsubscribe' to the emails, but sometimes that gets forgotten.
  • I had that same email spamming me also. I also get the Viagra one regularly also. My filter doesn't even seem to block them.

    At least I feel like someone loves me!

    Thanks for the heads up though. I've been too busy to even give it a second thought.
  • I got the same type email as it seems many others have too. It was def spam. I never realized this was a possibility. However, I was unaware of the previous compromise.
  • A lawsuit?

    That's pretty retarded.

    I'm not happy about this either, and I stopped giving my business to them after the last go round. Raising prices, failing to acknowledge and respond to the problem, plus me losing subscribers and getting my azz handed to me because of something far outside of my control... well suffice it to say that it was certainly a customer service issue that bore consequences for them. They failed to even acknowledge that they had put every list owner in a terrible position with their subscribers, and nary a "hey we've got a free month for you" or some effort to provide some sort of gesture.

    So, I voted with my wallet, and I am open about my experience with them.

    But a class action lawsuit? Please.

    If you're itching for a class action lawsuit, do it somewhere productive... like medical healthcare providers and health insurance underwriters for failing to disclose the prices of medical services. Help to change an industry, don't pile on a company just because they've dropped the ball on customer service issues and give some law firm even MORE money to send to the Trial Lawyer's Association.
    • [ 2 ] Thanks
  • Out of curiosity Michael what provider/s do you use atm?

    Chris
  • Oh great! I just started building a nice list, getting about 200 subscribers a day and now due to Aweber's security a chunk of my subscribers will now not trust any emails from me!
  • Does this mean everybody who has a list in Aweber will get infected? I seem to have had the same problem for a few days. Does this also infect my subscribers? Anybody got an idea about that?
    • [1] reply
    • I don't know how deep the compromise went - only AWeber
      can answer that for you definitively.

      I don't know if it will affect your specific subscribers either.

      What I do know, is that I joined some people's AWeber-managed
      lists (as recently as the 8th October) and those unique e-mail
      addresses are now receiving the specific spam that I've outlined.

      At least 36 AWeber-managed lists that I'm on were compromised.

      Only AWeber can let you know if your specific e-mail lists and
      subscriber e-mails have been accessed.

      Dedicated to your success,

      Shaun
  • Does anyone know if icontact notified their customers directly?

    It does say they went to the FBI.

    If aweber has not contacted law enforcement TWICE now then that is total negligence as far as I'm concerned.

    It's like a bank keeps getting robbed and they never call the cops.
    • [1] reply
    • When I read this I got a real laugh, but you know what, most Law Enforcement Officers, think about this type of issue, when it comes up that if it's not reported chances are it's an internal issue, (inside job)

      no one wants to have its employees investigated for this type of crime and it is a crime, make no mistake about it,

      but we really don't know what the facts are, and so should not throw rocks in this case we just know that today, I am getting tons of Viagra and other offers, on emails that I only use for internal business, now that is significant, because I use other emails, for opt ins and routine business and expect to get spammed, yes that sadly is part of doing business, but when you have an internal email, that is (not) subscribed to lists but is used as business only contacts, or except as a user account, then that is an entirely different matter, that makes it very inconvenient.

      Because I monitor those accounts every 10 min, for support and sales related activity, or if a client has a server or programming support issue, I do not like receiving spam on that account, because I often tie it to my cell phone so I can support my clients even when I am away from my computer.

      I agree that it is very frustrating, that anyone would not take the necessary steps to preserve a client's privacy, more so when that company makes claims about the services they provide, but I do not think that you should hang them by the nearest tree either.
  • I am also receiving the spam in all 8 of my email addresses uniquely generated to individual aweber lists.

    Except for copious misspellings, it was a pretty good ruse by the spammers. The link sent people to an actual site, which, lol has the message:

    "Remember! EFTPS values your privacy and security and will never attempt to contact you via e-mail. If you ever receive an e-mail that claims to be from EFTPS or from a sender you do not recognize that mentions a payment made through EFTPS, forward the e-mail to ** or call the Treasury Inspector General for Tax Administration at 1.800.366.4484."
  • What a shame. Having left Aweber after the first breach, I was starting to think about maybe using them again because I generally like the features they offer, and I thought "They've been hit once, what are the odds of this happening again? Surely they've beefed up security after the first breach"

    So much for that theory! I know nobody guarantees anything or takes full responsibility for things like this these days and yeah, companies get hacked all the time...but when your clients and their clients trust you with their personal information, I would think no expense would be spared to safeguard that info.

    Yes, it's great that no credit card or other info was accessed this time and kudos to Aweber for being a little bit more proactive this time around, but after two exploits in a year, I don't think they'll get my business again.
    • [1] reply
    • I clicked one of the spam emails sent to one of the unique email addresses stolen from Aweber, which promptly advertised "male power" with a link to pilldoctorce17.com, to see where it would go.

      It appears pilldoctorce17.com was recently registered (registration info oddly not coming up) and the source code shows it is pulling its data from bonvenon.com. The site appears to be a Canadian pharmacy.

      I say "appears" because when you get to an order page the source code has this ironic comment:

      FAKE_FORM

      Suggesting this is really a phishing scheme and not someone trying to sell Viagra or whatever.

      This fake order form is on a domain called payquickonline.com. Again, an odd problem pulling up its registration info.

      The domain registrar is ELB Group at retailstudio.com. Didn't see much on that domain, but the registration comes back for a French company.

      That French company should have some information about who registered the domains that are responsible for the spam and criminal hack of AWeber. Of course, the payment info used could be stolen, but who knows until you actually follow up and see what is there.
  • I've also been getting the spam to unique e-mail addresses used exclusively for the lists of Aweber clients. I recall I had to spend hours logging into Cpanel to turn off the hundreds of e-mail addresses I had created when signing up to lists hosted by Aweber.
    • [1] reply
    • Well...in the last 2 days I have been reporting these spam messages to SpamCop.net ..it was a tedious job and it seems useless..however..after 2 days of frustration, it looks like it finally worked.

      Spam volume significantly reduced...few of them still coming....but much less than the whole horrible week.

      What I noticed is that:

      -Most of these spam emails originated from certain countries (Philippines, Brazil, Russia, and France)..

      -The links directing to newly registered domains, obviously registered by specific entities with a clear sole purpose of spamming...and they created them in order:
      pharmacyyg31.com, pharmacyyg32.com....pharmacyyg40.com....pharmacyyg51.com..and so on..it never ends....this suspicious behavior raises big red flags that this is not just a spam attack, it's an obvious criminal plot...


      Finally, it doesn't seem to be exclusive to Aweber lists, I received these messages on private addresses I NEVER USED to sign up for any kind of list...
  • I've also noticed an unusual amount of spam over the past few days to at least one of my email addresses that I typically use to sign up for lists. And all of the new spam messages are very similar to each other.

    My subscriber rates have also dropped in the past week or so and I don't see anything that has changed on my end that would explain it. And I use Aweber.
  • I don't know if they have been got at again Shaun, but thanks for the heads up on using a unique email address for each mailing list.

    Very useful.
    • [1] reply
    • Thanks for the discussion. I have been looking all over for others who have had this problem.

      I also use unique e-mail accounts for everything I sign up for. It sometimes shows those who promise "we never share" not living up to it and I can always turn off the e-mail address.

      One of the weirder of the spam e-mails I got from this set was an e-mail and the "To:" part had all of my e-mails (and only my e-mails) that had been compromised, so it made it easier to get a complete list. But I sure don't know how they did that. Unfortunately, some of these e-mail addresses I don't want to turn off.

      I do wish that those who have had their lists compromised would send out a "sorry about that" e-mail. Then there would at least be some tiny bit of recognition of the hassle it caused.

      Mark.
      • [1] reply
  • Hotmail is eating 100% of this spam on my side.
  • Has anyone noticed whether or not the problem is just with Aweber or with some other providers like Constant Contact, etc.?
    • [1] reply
    • iContact also had a breach back in January which was just after the first Aweber breach.
      • [1] reply
  • [DELETED]
  • To be compromised once is one of those things, but twice in a year is borderline stupidity.

    What bothers me most is AWeber's pathetic response. Not to inform the list owners is cowardly. Their blog post is taking the piss.

    Aweber kindly state on their blog (which very few people read)
    I do believe they should have added "....yet" at the end of the paragraph.

    Adam
    • [1] reply
    • And that's really just scraping the bottom of the barrel anyway to come up with stuff to downplay the severity of this incident. If I was the hacker/spammer I wouldn't give a damn about affiliates’ tax ID either. The email list along with interests (from what they are subscribed to) - THAT'S the gold mine.

      And they got it.
  • I have about 20 different email addresses dedicated to testing my aweber lists, and then a few more for signing up to other people's lists. I'm now getting spam in those email boxes up the yinyang! Yesterday I sent out a broadcast email to my list. It was the first email I had sent out in over a month. And yet I had a huge chunk of the list unsubscribe because they claim they're receiving too much spam.

    Do I think we should be compensated? - You're damn right! I know that Allen gets annoyed w/ these kinds of posts, (Sorry Allen) but we've been paying increasing fees to this company. By the way I still haven't figured out their math - where a person that unsubscribes can be tallied again w/ those that subscribe - but that's a different problem. My lists that I've spent several years building have just lost major credibility. And this gaffe will probably cost me thousands upon thousands of dollars in the future. They should at LEAST offer up a little bit of compensation. Like maybe a few months of free service. That is the LEAST they should do. JMFO!
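
Several posters above identify the leak by giving each list its own address, and one notes that similar spam also reached addresses never used for any list. As an added example (not part of the thread; the registry, provider names and messages are constructed), this checks received spam against such a registry and reports, per provider, how many issued addresses were hit, plus any hit addresses outside the registry.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import getaddresses

# Constructed registry: unique address -> (list it was given to, provider hosting it)
CANARIES = {
    "joeblogs@example.com": ("Joe Blogs newsletter", "provider-a"),
    "seotips@example.com": ("SEO tips list", "provider-a"),
    "recipes@example.com": ("Recipe club", "provider-a"),
    "gadgets@example.com": ("Gadget deals", "provider-b"),
}

# Constructed spam samples. The second carries several recipients in one To: header;
# the third went to an address that was never given to any list.
SPAM = [
    "From: x@spam.invalid\nTo: joeblogs@example.com\nSubject: offer\n\nbody",
    "From: y@spam.invalid\nTo: SEOtips@example.com, <recipes@example.com>\n"
    "Subject: offer\n\nbody",
    "From: z@spam.invalid\nTo: support@example.com\nSubject: offer\n\nbody",
]

def recipients(raw):
    """Return the lower-cased addresses found in the To: and Cc: headers."""
    msg = message_from_string(raw)
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return {addr.lower() for _, addr in getaddresses(fields) if addr}

def attribute(spam, canaries):
    """Return ({provider: (addresses hit, addresses issued)}, hits outside registry)."""
    hit = set()
    for raw in spam:
        hit |= recipients(raw)
    issued, burned = defaultdict(set), defaultdict(set)
    for addr, (_list_name, provider) in canaries.items():
        issued[provider].add(addr)
        if addr in hit:
            burned[provider].add(addr)
    report = {p: (len(burned[p]), len(issued[p])) for p in issued}
    # Hits on addresses never issued to a list cannot be explained by a list leak.
    unknown = sorted(hit - set(canaries))
    return report, unknown

if __name__ == "__main__":
    report, unknown = attribute(SPAM, CANARIES)
    for provider, (n_hit, n_issued) in sorted(report.items()):
        print(f"{provider}: {n_hit}/{n_issued} unique addresses received spam")
    print("hit but not in registry:", unknown)
```

A provider whose issued addresses are all hit, across unrelated list owners, points at the provider rather than one list; hits outside the registry mean some of the campaign has another source.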
