The ISP market is a jungle: it’s every man for himself and leave the wounded behind. Some time ago, I subscribed to a big ISP (that shall remain nameless) that was leading the market. When I subscribed, I gave my chosen username for the email address – although it was included with the service I never used it (I didn’t even configure it). The username is a mix of things that make it unique and pretty much unreachable through dictionary attacks, something like 667gptfoo99x@.
Approximately 10 months later, while calling customer service for a question, they told me I had a lot of spam in my Inbox and offered me a “security package” that included anti-spam. Curious, I asked him why he had access to my mailbox. He said he didn’t; he hesitated then told me he just assumed I had lots of spam because everyone else did. I had never checked that Inbox before, but I decided to do it then. Wow! Just 3 weeks after subscribing with that provider, I began receiving spam. After 10 months with them, I was getting an average of 20 spam a day. How did spammers find this mailbox? It was never used, never configured, so there were no references to it anywhere.
It’s obvious that the ISP is selling the list. I reread the contract’s fine print and noticed that no personal information that could identify ME directly would be sold or shared. BUT, I guess that an email, that doesn’t identify ME directly, CAN be sold or shared. So let me scratch your car to sell you a paint job…
Has this happened to you? I’d like to hear your stories.