0

I suspect it’s an attempt at getting into an existing account using a leaked email/password combo. I update my passwords regularly and do not reuse, so I don’t think the attack will be successful, but it is still frustrating. Right now, I’m changing the password of the accounts created and activating two-factor authentification to make sure I keep control of accounts using my email. Then I communicate with the customer service of the different services to let them know what happened. Is this a good idea?

I’m thinking of moving on to a new email; is the hassle worth it? What else should or could I do?

Émile Jetzer
  • 109
  • 1
  • 1
  • 5
  • 1
    This question lakes details. How can they create new accounts if they do not have control of your email? (Most services require you click the link in the email.) Are you referring to "trying to login to your accounts"? – freezable Feb 22 '20 at 03:07
  • I get emails asking me to confirm my email for the creation of a new account on services I don’t use. – Émile Jetzer Feb 22 '20 at 03:16
  • If you never click the verification links, then you shouldn't have much to worry about. In the meantime, try googling your email address to see where people might be getting it from. – Irfan434 Feb 22 '20 at 03:54
  • There is no "attack". There isn't even a security issue. It's just annoying. – schroeder Feb 23 '20 at 08:11

2 Answers2

3

Nothing much you can do. Check this very interesting chain from Google: https://support.google.com/mail/thread/6055937?hl=en

I have tried working with them, but they claim they were able to register the email, with the identical name (no dot). As this "bug " is now sharing that person's PII with me, and Google is located in California, I would think they would want to resolve this issue. However, there is no way listed of speaking/contacting someone at Google to resolve this.

Claim, being the keyword here. You will see this is a recurring pattern of phishing information. People will contact the other side, which claims that they get the same emails and when you ask them to forward one then communications stop.

Not much point changing emails, it can happen for any addresses, like other spam does. The bothersome thing is that those emails get through your provider's filters whereas spam doesn't.

My suggestion is to whitelist addresses for your account instead of blacklisting. This way only certain people can get to your inbox and when you want to register, you can always access your junk mail and add this new domain to your whitelist.

Athanasios Kataras
  • 217
  • 1
  • 7
1

I’m thinking of moving on to a new email; is the hassle worth it?

Moving to a new email for each account is a good idea since the attackers already know your current email. There is little benefit though to completely drop the email, so it might not be worth it for you.

What else should or could I do?

You should always use different emails for different accounts. Depending on the accounts you use, if the number of your emails is quite limited, you should group the accounts of the same security level. This way, attackers won't know which email to use at once.

I think Outlook supports multiple emails for the same account.

It's not too inconvenient. Just change it in settings of each service.

freezable
  • 118
  • 8