Why would someone try to open a bitcoin account using my email address?
December 3, 2018 1:50 AM   Subscribe

I received an automated notification to confirm my email (gmail) address from a company that lets people trade in various cryptocurrencies. I had not tried to open an account with them and of course did not confirm my address. What would be the point of a hacker trying to use my email address to open such account, given that email addresses are not 'official' or 'legal'.
posted by modernnomad to Computers & Internet (7 answers total)
 
(and yes, i use 2FA where available and a password manager so i don't have re-used passwords).
posted by modernnomad at 1:51 AM on December 3


- People often mis-type their email address.
- Could be a phishing/spam email that's not really from the site it says it's from.
posted by EndsOfInvention at 2:34 AM on December 3 [4 favorites]


Two possibilities - the innocent one where people don't know their own email or typo their address, you can judge the likelihood of this by the uniqueness of your address. I have a shorter email address with a common provider and get junk from typod addresses all the time.

The second and more nefarious reason is that they are trying to determine if you already have an account with that service. They are looking for information leakage during the sign up process that tells them if your email address has an account. When they know you have an account, then they can proceed to try an access it.
posted by TheAdamist at 2:40 AM on December 3 [10 favorites]


People often mis-type their email address.

I have this happen to me at least once or twice a year. There's an apparently elderly man with my first and last name who consistently signs up for forums and services that are well outside my interests (albeit not shady seeming per se) using my email address. I was one of the lucky folks who got in at the ground floor with Gmail, so my address is literally firstnamelastname@gmail.com, which means that the sort of person who can't be bothered to remember their own email address (and also has my name) probably just types that in on every form that asks for an email.
posted by Strange Interlude at 7:21 AM on December 3


I'll go farther than Strange Interlude: I have an unusual email address ("ubiquity", of course), and there are still multiple people somehow trying to use it as their own. I have confirmed that none of these benefit anyone, so could only be an error, though how someone types "ubiquity" instead of their actual address is beyond me. One thing that has occurred to me is that someone used this address when they DIDN'T want the recipient to actually have their email address. Could someone have "made up" an email address for this purpose and accidentally landed on yours?
posted by ubiquity at 7:30 AM on December 3 [1 favorite]


Occam's Razor suggests fat-fingered email address, especially since it's Gmail. I have a fairly unique Gmail address, but I've had someone sign up for French Netflix with it, and for PayPal. (The PayPal one was especially galling, since that Gmail address was on my PayPal account, but the person who signed up used @googlemail.com instead of @gmail.com, and PayPal didn't know those two domains were equivalent. I've since added my unique email @googlemail.com to my PayPal account just to be safe.)
posted by SansPoint at 8:32 AM on December 3


I just got one of those emails too and I'm voting against "fat-fingered" because it was via an email address that there would pretty close to zero chance of someone typing accidentally.

In my case it's an email address that I currently use on a fairly active site, and that I used to use on another once active site that's been shut down because it was acquired by another company. I suspect one of those two sites has been hacked or they straight up sold the email addresses.
posted by fuse theorem at 10:22 AM on December 3 [1 favorite]


« Older (Weight) Losers of MeFi!!   |   Duck, you sucker! Newer »

You are not logged in, either login or create an account to post comments