Now THIS is un-nerving-- Beware of what you type...

[Kev Williams]

2 days ago I responded to Mayo Pardo's post in the engraving section, to do with his line-cutting issues:
http://www.sawmillcreek.org/showthre...-lines-problem

--my post reads as follows--

Wiping soot & goo off laser cut parts is tantamount to deburring metal parts fabbed in a machine shop- it's just part of the process, and not a lot you can do about it.

And this morning, I get this email...
deburr.jpg
"Let's make deburring more fun"....

Seriously??

There is no possible way this is a coincidence. The engraving business is generally regarded as a 'marking' industry, to do with awards, name badges, etc... It is NOT regarded as part of the "machining" industry. Therfore, the odds of anyone just randomly correlating my engraving business with a machine shop business and me getting email spam for a better deburring tool 2 days after I used the word "deburring" online, is simply astronomical.

And the un-nerving part, where did they get my email address?? I suppose the same computer algorithm that found the word "deburring" was also able to track down what can loosely be described as "my website", and got it there, but I have to wonder, did maybe they get it HERE?

For a long time now I've refused to type certain words or initials in emails, online forums, or any other 'internet venue' just because I've always felt, someone is checking... Maybe I'm paranoid, but, someone is...

<< edit >> -- I also just noticed they used my name in the ad, "Hello Kevin"....
AND- as you can see in the pic, the email address they sent to was "kevin@"-- the email on my website is "info@"...
NOT cool....

[Rich Riddle]

How would they get your e-mail address through the Creek? They could have a representative pm you, but not e-mail you. At least not from here.

[Kevin Nathanson]

The following assumes you are a small business and have suitable control over your email server:

One thing people can do to trace where spam and solicitations come from is to set-up a catch-all account on their email servers, where all email to the domain that has an unknown user name lands. So 'geek@whatever.com' would land there if there was not already a specific account set up for 'geek'.

Then, whenever you enter an email address on a site, event sign up, invite, purchase, whatever... Use the site's name as the account: smc@whatever.com. amazon@whatever.com. etc.

When you start getting emails to 'amazon@whatever.com' that are NOT from 'amazon'? Bingo; you know who is harvesting, listing, selling, trading, scraping your email address.

K

[Kev Williams]

I have a bunch of email aliases for similar purposes; like whenever someone wants an email address before I can get a price quote, etc, I use something like 'online@', which will go to my server but not my computer...

Rich, I'm not pointing fingers at the Creek, but at hackers in general... However, I just checked, and 'kevin@' is NOT the address registered with the Creek, so this sn't the source...

[glenn bradley]

No real hacking required. Many of the things you routinely click OK on allow the use of all sorts of things. Some plug-in, game or advertiser asks; "Want a free puppy? All you have to do is click OK allowing us access to all your cache, images, browsing history, plug-ins, add-ons and habits blah, blah, blah." They just never say it that clearly. The bulk of the problems we solve for folks at work are found to be self inflicted once the forensics are complete. We think we are careful but, sometimes we're in a hurry or just can't be bothered to be thorough.

[Frederick Skelly]

I agree. It's concerning to me too. What Glenn described makes sense. For example, I have often wondered why my former email provider sets the default at "stay logged in for 2 weeks". My suspicion (with no proof), is that the terms of service allow them to do some data harvesting whenever I was logged in.

[Rich Riddle]

I agree. It's concerning to me too. What Glenn described makes sense. For example, I have often wondered why my former email provider sets the default at "stay logged in for 2 weeks". My suspicion (with no proof), is that the terms of service allow them to do some data harvesting whenever I was logged in.

Now this is quite easy to believe. And cookies can be down-right insidious to computer users.

[Bruce Page]

Now this is quite easy to believe. And cookies can be down-right insidious to computer users.

Remember when cookies first came on the scene years ago? Everybody was scared to death of them (I was) and would deny or delete them ASAP. Now it's an everyday fact of life and most of our computers have literally hundreds of them stored.

[Jim Becker]

SMC doesn't disclose your email address, but as others have mentioned, it's likely picked up in many ways from many places. That combined with various tracking codes and ad technologies used pretty much everywhere makes it easy to tie something you type in one place with information collected from other places when it comes to advertising. It's the nature of the Internet.

That said, it also could have been a very weird coincidence...

[Prashun Patel]

The problem is, how in the world can you avoid it short of unplugging completely?

[Bruce Page]

The problem is, how in the world can you avoid it short of unplugging completely?

You can't.

..

[glenn bradley]

The problem is, how in the world can you avoid it short of unplugging completely?

You can't.

..

But, you can greatly reduce your exposure profile. Like having a locking front door latch and a deadbolt, staying secure online requires that you do a little something extra. One thing I do is have all my browsers release and purge everything on exit. I don't have my browser or websites "remember me" for convenience. I have other methods for saving convenience passwords for sites of low concern (the forum versus banking for example).

Although it can be complex, cyber-security is not a magical world that only the chosen few can navigate. A little additional effort and common sense on your part can drastically lower your presence to the junk-mail and advertising zombies. I haven't had a virus or security issue (that I'm aware of) since the early days of XP. A few good habits can save you a lot of trouble

[Curt Harms]

It may be coincidence but I use Firefox with NoScript and an ad blocker in addition to the built-in blocking capabilities of Firefox. The downside to NoScript is that every site needs to be set up. It was eye opening to see how many sites are part of NFL.com, CNN.com etc. Google anything gets blocked unless the map api is required. I get next to no unsolicited email. My current annoyance is Expedia. I did use it to book a trip a few months ago and now get bombarded. I can't complain because I did establish a 'relationship' with them. I have repeatedly clicked the "unsubscribe" button but with zero success.

[Pat Barry]

2 days ago I responded to Mayo Pardo's post in the engraving section, to do with his line-cutting issues:
http://www.sawmillcreek.org/showthre...-lines-problem

--my post reads as follows--


And this morning, I get this email...
deburr.jpg
"Let's make deburring more fun"....

Seriously??

There is no possible way this is a coincidence. The engraving business is generally regarded as a 'marking' industry, to do with awards, name badges, etc... It is NOT regarded as part of the "machining" industry. Therfore, the odds of anyone just randomly correlating my engraving business with a machine shop business and me getting email spam for a better deburring tool 2 days after I used the word "deburring" online, is simply astronomical.

And the un-nerving part, where did they get my email address?? I suppose the same computer algorithm that found the word "deburring" was also able to track down what can loosely be described as "my website", and got it there, but I have to wonder, did maybe they get it HERE?

For a long time now I've refused to type certain words or initials in emails, online forums, or any other 'internet venue' just because I've always felt, someone is checking... Maybe I'm paranoid, but, someone is...

<< edit >> -- I also just noticed they used my name in the ad, "Hello Kevin"....
AND- as you can see in the pic, the email address they sent to was "kevin@"-- the email on my website is "info@"...
NOT cool....

OK - so you have email. You send email to other folks and they in turn forward your emails to friends, etc and suddenly your email address is 'out there'. Now you type something into SMC one day and get a purely coincidental email the next day. So what? Life is full of coincidences. Live with it.

[Kev Williams]

An email ad from a company selling tools, one of which is a deburring tool, I might consider a coincidence. But a specific deburring tool ad? Nope.

I'm bringing this back because it happened again.

Yesterday I got online to my bank. Secured connection, https, padlock, etc, to order a box of checks.
The bank's site transferred me to the site selling the checks, also a secured connection.
I ordered a box of checks, logged off, closed the browser.

this morning I get this:
ckad.jpg

I have NEVER in my life gotten a 'checks' advertisement. This is not coincidence, this is a direct result of me buying checks, on supposedly secure websites!
HOW DID THIS PLACE KNOW THIS AND GET MY EMAIL ADDRESS?? Actually the answer is easy
Note that I didn't google anything. I opened my bank bookmark, logged in, clicked 'other services', clicked 'buy checks', and bought checks.

So much for 'secure' websites.

Spammers picking up keywords from public forums such as this is one thing, but companies freely passing around info I consider private from 'secure' connections is ridiculous...