Exposed member information

Since day 1 I have use a distinct email address for my membership and all communications with BMWCCA. Over a year ago I started receiving fairly sophosticated pfishing and spoofs at this email address. The only explanation for this is that you have either been hack or someone internal has exposed information. I was just wondering if you are aware of this? The only reason I mention this now, more than a year after the fraudaulent email started, is because the volume of spam, pfishing, and spoof email sent to my BMWCCA email address has been increasing, and the sophistication of the email is good. My suggestion to BMWCCA is to do the only responsible thing and notify members that their information has been comprimised.

I have tried sending email directly to sschlossman@bmwcca.ora and webmaster@bmwcca.org. It all is bounced back to me as undeliverable. Please send me an email address that is accepting email. Thanks.

I haven't had any problem sending e-mail to Steven at his e-mail address and receiving a reply from him.

Interesting. I cannot seem to get email through to him.

Return-Path: <omitted>
Received: from localhost (localhost.localdomain [127.0.0.1])
by smtp48.relay.iad1a.emailsrvr.com (SMTP Server) with ESMTP id 6A2681682E9
for <sschlossman@bmwcca.org>; Mon, 6 May 2013 14:07:19 -0400 (EDT)
X-Virus-Scanned: OK
Received: by smtp48.relay.iad1a.emailsrvr.com (Authenticated sender: omitted) with ESMTPA id 598A9168340
for <sschlossman@bmwcca.org>; Mon, 6 May 2013 14:07:13 -0400 (EDT)
Reply-To: <omitted>
From: "Mark Mullett" <omitted>
To: <sschlossman@bmwcca.org>
Subject: FW: Reply to Watched Thread: Exposed member information
Date: Mon, 6 May 2013 14:04:28 -0400
Organization: Data Fusion, Co.
Message-ID: <00da01ce4a84$2761c360$76254a20$@com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_00DB_01CE4A62.A0502360"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac5H/8uytQr+eVprS4au4Xx3XAQR8gCeu1+AAABR2KAAAgLCMA==
Content-Language: en-us

I would think that if the original poster's assertion were true, someone else would be receiving something of the sort. I know I haven't. I also know that some phishing scammers will choose a legitimate looking address from your own contacts and 'originate' scam emails from it. I suspect that's what's happened here.

Often, problems of this nature result from the SENDER's domain being put on a spam/phishing blacklist. Mailing daemons are set up to scan black-listed sites and reject all mail from it. Try sending email from a comcast or other known good account.

This was actually one of my first thoughts, especially since this seems to be an isolated incident. I'd suggest that the OP change his dedicated e-mail address to a Gmail address as they're pretty good at filtering out spam and I doubt that you'd have similar problems with that e-mail address.