I am currently experiencing something that might be construed as an attack, and am wondering what, if anything, I should do about it.
First, a bit of background. I am the long-term owner of a .com domain name, that can be thought of as an abbreviated form of the name of a popular movie. Rather than expose myself any more than I already am, I am going to refer to this domain as movie.com here. This site was set up for a business I ran a long time ago; the business has long since been closed, but I've kept the site in order to preserve the URLs of various things I've put online there. I only ever created a single email address at this domain, plus a "catch-all" mailbox that forwards anything else to my main address.
From the beginning, that catch-all mailbox has received a trickle of misdirected messages, generally addressed to the name of some character from the movie - mostly MainCharacter@movie.com, with an occasional the.villain@movie.com. This never bothered me, as it was low volume, and I knew that I wasn't the original owner of the domain - it seems likely that a previous incarnation of the site was actually a fansite for the movie.
However, that trickle is turning into a flood. In recent months, Mr. Character has been signing up for various newsletters, generally business opportunities of some sort. And in the last few days, he's applied for dozens of jobs, all through the same job site that apparently doesn't require email address confirmation. My inbox is currently being flooded with confirmations of these applications coming from the job site, acknowledgements of receipt of the applications from the companies he applied to, and the occasional message from those companies that want to interview him but found that his contact info wasn't working.
I'm having a hard time imagining why anybody would want to do this. If it's actually an attack directed at me, it's not particularly effective - it would be just a moment's work to disable the catch-all mailbox, and I'd never see a single one of these messages again. Coming up with all these fake resumes, for a variety of job fields, that are good enough to actually get interview requests, seems like an enormous amount of effort - and I don't see how he'd even be able to tell what effect they're having, without actually being able to read the responses.
Perhaps more worrying: somebody with a similar address (referring to the same character, but in the form HeyLastname@movie.com) has booked a cruise about a dozen times, and then cancelled it within a minute; I'm getting all the confirmation messages. I've double-checked my credit cards, and there's no suspicious activity. My only guess here is that someone is trying to validate stolen credit card numbers, and chose a bogus address at my domain as part of their bogus bookings. I would report this to the cruise line, but all of their messages explicitly state that replies aren't accepted. There's a number to call, but the reviews for this particular company indicate that their phone customer service is awful; it sounds like this would just be a waste of my time. (And I have no convenient way to make phone calls during normal business hours, anyway.)
I can't see anything in your description which can harm you; I don't think you need to worry. People abusing your system might not be aware that it's a valid address. As you receive a lot of trash and nothing useful there, I'd just switch off the catchall address. – Máté Juhász – 2019-08-27T04:59:23.880
I know how you feel. Especially the "I would do something about it but they don't accept replies or have no contact option" is always so annoying and frustrating. I killed most of my catchalls some time ago for this, they get a 550 SMTP reply and are gone (knowing this address was fake) - and I'm not silently complicit in some crazy malware- or money-schemes. Now they could scan for valid emails at the domain, but oh well. – nyov – 2019-08-28T16:44:13.657
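Before a catch-all is replaced with 550 rejections, as the comments above suggest, it helps to see which unknown addresses are being used and by which senders. The following is an added example, not part of the original thread: it tallies catch-all mail per recipient and sender domain. The local part `owner`, the `.example` sender domains and the sample messages are constructed assumptions.

```python
from collections import Counter, defaultdict
from email import message_from_string
from email.utils import getaddresses, parseaddr

DOMAIN = "movie.com"   # placeholder domain used in the post
KEEP = {"owner"}       # assumed local part of the one real mailbox

# Constructed sample messages (not real mail); sender domains are made up.
SAMPLES = [
    "From: Jobs <noreply@jobsite.example>\nTo: MainCharacter@movie.com\nSubject: Application received\n\n.",
    "From: hr@company-a.example\nTo: maincharacter@movie.com\nSubject: Interview\n\n.",
    "From: noreply@cruise.example\nTo: HeyLastname@movie.com\nSubject: Booking confirmed\n\n.",
    "From: noreply@cruise.example\nTo: heylastname@movie.com\nSubject: Booking cancelled\n\n.",
    "From: news@newsletter.example\nTo: the.villain@movie.com\nSubject: Opportunity\n\n.",
    "From: friend@mail.example\nTo: owner@movie.com\nSubject: Hello\n\n.",
]

def catchall_recipients(raw):
    """Local parts at DOMAIN (lower-cased) that are not real mailboxes."""
    msg = message_from_string(raw)
    fields = (msg.get_all("To", []) + msg.get_all("Cc", [])
              + msg.get_all("Delivered-To", []))
    found = set()
    for _, addr in getaddresses(fields):
        # Local parts are compared case-insensitively, as most mail servers do.
        local, _, dom = addr.lower().rpartition("@")
        if dom == DOMAIN and local and local not in KEEP:
            found.add(local)
    return found

def triage(raws):
    """Map each unknown local part to a Counter of sender domains."""
    report = defaultdict(Counter)
    for raw in raws:
        sender = parseaddr(message_from_string(raw).get("From", ""))[1].lower()
        sender_dom = sender.rpartition("@")[2] or "unknown"
        for local in catchall_recipients(raw):
            report[local][sender_dom] += 1
    return report

def reject_candidates(report, threshold=2):
    """Local parts with at least `threshold` messages: candidates for a 550."""
    return sorted(l for l, c in report.items() if sum(c.values()) >= threshold)

if __name__ == "__main__":
    rep = triage(SAMPLES)
    for local in reject_candidates(rep):
        print(f"{local}@{DOMAIN}", dict(rep[local]))
```

The per-sender breakdown also shows which organisations are sending to the address, which is useful if any of them is to be notified.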