Hey all,<p>In the last 20 minutes, I got probably around 200 emails congratulating me on registering to the website/newsletter.<p>This is my personal email<p>In addition, my credit card has been used to purchase 850$ worth of goods (called Amex, canceled the card).<p>I changed my email password obviously, canceled the card.<p>What else can I do? Did this ever happen to you? Have any advice?
I am posting some information here in case someone encounters this.<p>This seems like a type of DDOS attack to hide an email from a financial service.<p>All of these emails are essentially meant to hide the order of 850$ in the flurry of other emails.<p>Some information from a Google thread: <a href="https://support.google.com/mail/forum/AAAAK7un8RUCTPjR3thcdQ/?hl=en-GB" rel="nofollow">https://support.google.com/mail/forum/AAAAK7un8RUCTPjR3thcdQ...</a>
You can check something like <a href="https://haveibeenpwned.com/" rel="nofollow">https://haveibeenpwned.com/</a> to see if you can locate where the breach came from. Other than that you just have to assume the worst and start rotating all your passwords and keys. Turn on 2FA for everything.
I knew a guy who had a very common email address (like jsmith at popular provider), and it was pretty common for people to sign up to services using that address.<p>For well designed sites that require verification before the account is setup, just trash the message.<p>For other stuff, you may have to unsubscribe.<p>Worst case scenario for something like a dating sites or whatever, you can just reset the password, then login and delete/deactivate the account.
A credit freeze might be in order:<p><a href="https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs" rel="nofollow">https://www.consumer.ftc.gov/articles/0497-credit-freeze-faq...</a>