Does Yahoo! Sell Email Addresses to Spammers?

aligator

Distinguished Member
:tongueout:oint::tongueout:oint:does yahoo sell email addresses to companies cause i get a lot more spam on my yahoo than on my hotmail although i route most of my sign-ups to hotmail (can u believe that the word hotmail isn't in this spell checks dictionary) but in the other hand its spam detection is much more accurate than hotmails :O(this emotion thing is very clueless a heart of rock):booyah::booyah::booyah::booyah:
 
Of course they do. It is one way they make money for their site. They sell lists of their emaill addresses.
 
i think its illegal for them to sell E-mail addresses.
Plus the e-mail addresses you sign-up with would be sold by some websites. Yahoo doesnt sell e-mail addresses.
 
Of course they do. It is one way they make money for their site. They sell lists of their emaill addresses.

I don't think they do, Mak......
Yahoo! Privacy Policy

Yahoo! does not rent, sell, or share personal information about you with other people or non-affiliated companies except to provide products or services you've requested, when we have your permission, or under the following circumstances:
  • We provide the information to trusted partners who work on behalf of or with Yahoo! under confidentiality agreements. These companies may use your personal information to help Yahoo! communicate with you about offers from Yahoo! and our marketing partners. However, these companies do not have any independent right to share this information.
  • We have a parent's permission to share the information if the user is a child under age 13. Parents have the option of allowing Yahoo! to collect and use their child's information without consenting to Yahoo! sharing of this information with people and companies who may use this information for their own purposes.
  • We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
  • We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Yahoo!'s terms of use, or as otherwise required by law.
  • We transfer information about you if Yahoo! is acquired by or merged with another company. In this event, Yahoo! will notify you before information about you is transferred and becomes subject to a different privacy policy.
 
Yeah i know they will never come out and say it. But i know for a fact that i have never signed up for any services or anything like that with my Yahoo account. I have never even used the email before. I had created it to get my website crawled with their bot yet for some reason i have over 50 spam messages a day. So they say they dont but for some reason i get mail from all these places affiliated with Yahoo.

Just like Google will never out right say that dont sell them. Yet there is always spam mail in there from places that you have no idea how they got your email address. They have to deny it as it is illegal. But that doesnt mean someone working for them doesnt do it to make some extra cash. :wink:
 
I don't believe they sell their addresses... Spammers have other methods of finding emails, including sending messages to brute-force email lists (aaaa@hotmail.com, aaab@hotmail.com, aaac@hotmail.com, etc.) until they find an email that doesn't bounce.

Then they add that email to their lists.
 
I know that's how it must work CG and Mak. With my previous ISP I set up 5 email addresses because I could, but I only ever used one. The others were never published abroad in any way. 4 of the 5,including the one I used all the time were more obscure, but one was more simple, and suddenly started to become bombarded with viagra spam out of the blue. Nobody knew it existed, so it can only have been hit by some kind of guessing-bot. I deleted it and put up another more obscure 5th which was never bothered.
I never get spam (though some of my solicited mail sometimes gets filtered) except on yahoo, where once again my id is simple and liable to be guessed by a bot.
 
The reason I know it's brute forcing:

I have catch-all email address (meaning any mail to non-existent-account@neosmart.net gets forwarded to me), and every time spammers use @neosmart.net (through domain spoofing) to send their emails I get the bounce-back messages.

For instance, just yesterday spammers pretended they were sending emails from @neosmart.net to several thousand accounts; and I'm getting replies from john1@.... john2@...... john3@..... telling me that the account does not exist.
 
For me it seems to odd that they woudl do that cause my email that gets spammed is not a easy address. I not even talking things that use my forum handle. I am talking address like TaterSalad213 or Git.R.Done213 as the address. How can a brute force get thsoe without days of work if not weeks? I know with Brute force they have nothing but time. But i try to use obsecure Emails addresses to try to prevent as much Spam as possible.

I mean i do believe that Brute is one way. But for some of my more obsecure email addresses i do believe that something else is at play.
 
i'm pretty sure they sell emails because my email is aligator926 kinda difficult to brute force it plus all the spam seems to have the same topic online auctions and pharmaceuticals anyways i don;t really use the yahoo because to takes forever to load its chat sucks and isn't very user friendly plus if it was brute force emails wouldn't it show that it was sent to more than one email but it shows that it was only sent to me
 
@mak, ali: Brute force only takes one success.

Once they try aligator925@yahoo.com, aligator926@yahoo.com and the latter doesn't bounce, it's added to their list of "OK" addresses. 99% of spam is pharmaceutical or money-making anyway, and then the email harvesters sell the email that they found to spam lists.

Reason @yahoo.com might get more spam than @gmail.com is because the probability of a successful email via brute-force on yahoo is higher than on gmail, et. al.

Brute force takes *time* but only once; so as soon as that initial period is over, it's done. You're email is gone, it doesn't matter how hard to guess it is.
 
Of course they do. It is one way they make money for their site. They sell lists of their emaill addresses.
No, Yahoo! doesn't sell a list of their customers e-mail addresses to spammers. It's against the law, it's morally wrong, and they have an extensively long terms & conditions that if you ever read through it, you'd understand that they do not follow the practice of selling e-mail lists.

Yes, Yahoo! has tools that can see what your date of birth and your security question/answer are, they can see when you created your account, but there's no way that they aggregate every single e-mail username in the database for sale. I've seen the tools, I've seen how Yahoo! works. Period.

Spammers simply generate username combinations and fire off mass e-mails to every single combination, when it hits an e-mail inbox that doesn't bounce back as invalid it more than likely logs it in a database for future spamming purposes. It has nothing to do with the companies selling your information.
 
If you're using an email address, no matter how obscure, and you neglect just once to untick a "would you like email from our specially selected partners" box when using it in an online transaction, then your address is going to start on the long trail of being passed from list to list, and spam will probably result eventually. It didn't have to be the ISP that passed it on.

My example of obvious forcing was from a totally unused, unpublicised email address that could not have been known by any other method than guesswork.
 
No, Yahoo! doesn't sell a list of their customers e-mail addresses to spammers. It's against the law, it's morally wrong, and they have an extensively long terms & conditions that if you ever read through it, you'd understand that they do not follow the practice of selling e-mail lists.

Yes, Yahoo! has tools that can see what your date of birth and your security question/answer are, they can see when you created your account, but there's no way that they aggregate every single e-mail username in the database for sale. I've seen the tools, I've seen how Yahoo! works. Period.

Spammers simply generate username combinations and fire off mass e-mails to every single combination, when it hits an e-mail inbox that doesn't bounce back as invalid it more than likely logs it in a database for future spamming purposes. It has nothing to do with the companies selling your information.
Nighthawk if you would have read more than just that response from me you would see i explained myself about this answer. I said it could have jsut been 1 person in there that did it to get money. Please do not come by with this after reading just my first answer and not the rest i have posted as i explained myself on this. I know how email works i know the tools as i have them myself. Please i ask you to read all my responses next time. Thank you.


@mak, ali: Brute force only takes one success.

Once they try aligator925@yahoo.com, aligator926@yahoo.com and the latter doesn't bounce, it's added to their list of "OK" addresses. 99% of spam is pharmaceutical or money-making anyway, and then the email harvesters sell the email that they found to spam lists.

Reason @yahoo.com might get more spam than @gmail.com is because the probability of a successful email via brute-force on yahoo is higher than on gmail, et. al.

Brute force takes *time* but only once; so as soon as that initial period is over, it's done. You're email is gone, it doesn't matter how hard to guess it is.

I am not saying it wasnt brute force Guru. I know it very well could be. It could be something as simple as leaving a brute force going till they got it. I do not doubt it. But you still can not rule out the aspect of a employee who sold them as well. It is not like it has never happened before. A simple disgruntled employee with access to something like this it wouldnt take them long to get a offer and give out 10,000 email addresses. Not like Yahoo would tell us.

"By the way, we had a disgruntled employee who broke the rules and sold your email address. Even though it violates our terms of service your email address is now open to spammers. Have a nice day!"

No company would do that. They would never intentially tell you that your email address was sold by one of their employees who have since been terminated and proscuted. All i am saying is that not every person working for these companies is morally ethical. Microsoft has a big breach in this stuff. So does Apple and the rest of them. Even Google has it people that give out info. There is no way you can deny that there is no possible way that someone might have sold some email addresses, even if it is against the Term of Service.

I know that all it takes is that first spam to come thru and it is over and the rest get it like a wild fire. But i still look toward things this way. That even with the most obsecure way that someone could get a email address from a person working there. Not sayin that is what happened. But i do not trust every single person in the world to be morally correct. Just my opinion.
 
ah... well there's a difference between saying "a morally-bankrupt employee at Yahoo! might have sold a couple of email addresses at some point" verses "Yahoo! regularly engages in the trade of private information in exchange for money"

:wink:

But, yeah, I get what you're saying :grinning:
 
ah... well there's a difference between saying "a morally-bankrupt employee at Yahoo! might have sold a couple of email addresses at some point" verses "Yahoo! regularly engages in the trade of private information in exchange for money"

:wink:

But, yeah, I get what you're saying :grinning:

True. Maybe i should have clarified it with my first post instead of blantenly just said that they do. I mean every place has those 1 or 2 people that do something morally wrong cause they dont see it that way. Just see it as a way to earn some extra money.

Sorry if it seemed i was a bit upset with that last post. I was not trying to offend. :??
 
How about no spam seen at all? Free accounts are bombarded by spam to see them closed up from inactivity. While never giving a regular inbox from the ISP spam still comes in. How and Why?

Have you ever clicked on the "to unsubscribe from future mailings" link? "we got you now!" You just verified that your account is active while spammers were pinging random addresses with an address generator!

Once all known active addresses are collected the spammers pour the spam on while using random and alternating origins. All you do is look into the report spam options and let the ISP or provider go after them. The ISP here now sees a report spam button added when going to log in while online and not open Outlook or Windows Mail up until reported.

For a free email account with "NO SPAM" try http://www.fastmail.fm/mail/login/ No garbage comes in at all!
 
Back
Top