As I previously reported, somebody has been interacting with Web sites using my email address.
I suspect that in addition to the ones I know about, this individual is probably also doing things that I don’t know about, because I assume that not all the web sites at which he’s using my address are kind enough to send me an email address alerting me to what he’s doing.
Today, however, I did get a notification from one site that I didn’t know about before — he apparently signed up for a Skype account using my email address. They emailed me about it because he attempted to purchase Skype credit but didn’t complete the transaction.
I immediately took advantage of Skype’s password recovery feature to reset the password on the account. I.e., I stole the account from the identity thief, just as I did when he signed up for a gmail account using my email address.
Then I sent this message to Skype’s customer support department. I don’t honestly expect them to respond in any useful way, but I figured it was worth a try:
As described at http://blog.kamens.us/?p=2258, someone I do not know has been going to various sites all over the internet and interacting with those sites using my email address, email@example.com. The things that I am aware of before today are (a) submitting a bizarre support request to Starwood hotels customer service and (b) creating a gmail account with my email address specified as its password recovery address. I am worried that whoever this person is may have used my email address at other sites as well, but these are the ones I know about.
Today, a new one occurred — this individual signed up for a skype account with the skype name bouba.diallo30 and using my email address. I received an email address notifying me of this fact because this individual apparently attempted to purchase a Skype credit but did not complete the transaction.
Because I obviously do not want people on the Internet impersonating me or using my email address for nefarious purposes, I used your password recovery feature to reset the password on this account so that it is one that I know and the identity thief does not. This is why I am currently writing to you from that account — I have taken over the account, which I think is perfectly legitimate since it was created using my email address and whoever created it is obviously up to no good. (I did the same thing to the gmail account that the thief created using my email address as its password recovery address.)
I would like your help tracking down whoever this person is. I don’t know what the hell he’s up to, but I’m really concerned that it’s something that’s going to hurt me, and I’m trying to collect as much information as possible about what’s going on so that I will be armed and ready if I need to escalate the fight against whatever this person is doing.
Can you please tell me how I can go about getting whatever additional information about this individual, e.g., what IP address was used to create the account, exactly when it was created, etc., i.e., anything at all you have logged about this person’s actions?
Please note that I am *very* careful with the security of my computer, home network and web accounts, and it is extremely unlikely that whoever is doing this has actually taken over my computer or email account or anything like that.
Thank you in advance for any help you can provide.
Jonathan Kamens (the *real* firstname.lastname@example.org, as you can see from the jonathan.kamens Skype account which I’ve had associated with that email address for several years)
Interestingly, here are the profile details that the identity thief specified when creating the Skype account:
I wish I knew what the hell this guy thinks he’s accomplishing with these hijinks.