Well, I’ve gotta admit, this is a new one for me.
Somebody, or something has managed to grab my personal email address from somewhere and is using it for spam purposes, except instead of spamming me directly, they are using my email address in various contact forms on all kinds of websites.
What is annoying is that some of these emails are seen as legitimate by my email provider (they’re seen as contact follow-up emails?) so they end up landing in my inbox instead of spam. I’ve set up “Someone spamming” folder dedicated to these emails and I’ll probably set up a filter to move them to there. So far I’ve accumulated seven of these things. You can see the two emails seen as legitimate below, where it says “Normal” under the priority column:
If you’re wondering where the Google Drive links lead, they point to different PDF files which all have a Google ReCaptcha V2 widget, but this ReCaptcha is not legit. Look at the cursor when I move it over this ReCaptcha:
It’s a link! But to where?
Hmm… I wonder how this appears in Searx?
Because I was curious and also a dumbass, I tried seeing what happens if you go to this website (or click that ReCaptcha).
It basically redirects you to these fake dating site signup form thingies; these aren’t the “unparalleledoffers” they’ve been promising…
If you try to go to the website’s index, you get this generic “Under construction” message, so it’s clear whoever set this website up wasn’t expecting people to snoop around it.
I tried this with a bunch of the other URLs that the URL I searched for leads to (it sends you to a random URLs from a range of different URLs each time you visit) and it’s the same story.
I’ve already reported the URL in that PDF document using Google’s “Report Phishing Page” form, and to the domain registrar – GoDaddy. Hopefully they’ll deactivate the domain and break that link in the URLs.
As for me, I’m trying to figure out what leaked my email to the public. I understand that it’s inevitable, but I’m curious as to where they got it.