Comments on: Getting Spam on Your Ameritrade Email Address?

By: MM

MM — Fri, 14 Sep 2007 16:32:24 +0000

Ameritrade finally owned up losing these email addresses. I first contacted them on 8/15/06 that an email address unique to them had started receiving spam.

They took over a year to finally identify the hole and close it. Complete and utter lack of professionalism.

By: t

Wed, 29 Aug 2007 01:36:14 +0000

Fascinating.

I, too, started getting spam at my ameritrade@myowndomainname.us a while back. I complained to customer service, who seemed responsibly concerned about this… I then change the email they had and had no further problems.

By: Mister Pointer Outer

Mister Pointer Outer — Tue, 24 Apr 2007 07:28:24 +0000

The person to talk to at Ameritrade is PAUL
THURSTON. and his phone number is:
800 669 3900 ext. 2538 (that’s the main customer
service number, ask for the extension).

He appears to be handling the issue. Ask him why
Ameritrade did not notify you about this second
leak. Ask him what they have done to prevent a
THIRD leak. Ask him to waive the $50 fee they will
charge you to transfer your account to a more-reputable
broker.

By: jim5k

jim5k — Thu, 19 Apr 2007 15:40:04 +0000

TD Ameritrade email security problem

It happened to me too – AGAIN. This is the third time the email address I use only with TD Ameritrade just ended up on a penny stock spam list. Either they are selling them, or they have a serious security problem (most likely an inside job).

This can not be explained by a random email address spammer (as Ameritrade told me) because I have a catch-all account that would receive ALL variations sent to my domain name. But I do not get random variations. This stock spam specifically targets the address I gave to TD Ameritrade, and only TD Ameritrade.

Also, the last time I changed my email address, I created three variations (*_TD1*, *_TD2*, and *_TD3*). I gave one to TD, and the other two were control (i.e. I did not give them to anybody). And guess what? The one I gave to TD is getting stock spam, and the other two are not.

I don’t know how else you can explain this other than private email addresses are leaking out of TD Ameritrade. And I am furious.

By: Geo

Geo — Fri, 13 Apr 2007 14:06:48 +0000

I am letting you all know that this is continuing as of today, April 2007. Late last year, I began getting stock spam on all of the unique, known only to me and Ameritrade email addresses, so I immediately changed the addresses given to Ameritrade with new ones. Less than one week later, it began again. I changed the addresses again to something even harder to guess and wrote “not nice” emails to Ameritrade customer service letting them know that they “do not under any circumstances have my permission to share my contact information with anyone”. This seemed to get their attention, and the emails were clean for about six months, when today, it started again at both addresses they have for me, the same day, from the same spammers.
They either have security like a screen door in their data center, or a significant lack of business ethics. I’m done. My accounts will go elsewhere, never to return.

By: Tim

Tim — Thu, 16 Nov 2006 01:54:55 +0000

While Ameritrade may have lost a data tape back in 2005, there’s obviously someone with access to their client database who’s CURRENTLY selling/trading the e-mail addresses (primary and secondary) of Ameritrade customers. About a month ago I started getting hit with P&D gif spam at both my primary and secondary addresses, the latter which is a virgin address set up in 2006 and not used for anything else and could not be brute-force/guessed/dictionary attacked.

I think Ameritrade needs to get ahead of the curve on this issue and call in some computer forensics experts if not the FBI/SEC and figure outt which worm in their company is selling them out to spammer scum.

By: Benedikt

Benedikt — Fri, 06 Oct 2006 12:44:42 +0000

Hmmm – I’m not too sure that the leak was just down to the missing tapes. I have used a unique adderss with ameritrade since about 2004; so that one could have been part of the missing tapes.

But, when the wave of spam started in mid-August, the spam started coming in on two different addresses – the one I’ve used with Ameritrade, and another unique address I’ve use with zacks.com (both following a slightly different naming pattern – so it’s somewhat unlikely both were guessed correctly, without first creating massive amounts of “invalid” email (which would have gotten through as well).

Now, there are links between the two companies – as the stock recaps from Ameritrade show “Finance data provided by: [...] Zacks Investment Research [...].

I’m not sure that someone in the two companies has full access to both user databases, but it seems like the most likely explanation. (And – what rules out the “tapes” theory on this is that the zacks-specific address had only been created in Feb 2006.

So, there most likely must have been a second security breach since the loss of the tapes…

By: Jason Roysdon

Jason Roysdon — Mon, 18 Sep 2006 16:05:29 +0000

I too was once a TD/Ameritrade customer who received a stolen tape letter. However, my email address was surely only ever given to TD, and it included a unique 8-digit date as well as ameritrade. There is no way someone guessed this.

By: Jason

Jason — Wed, 06 Sep 2006 00:09:09 +0000

Hmm, makes you wonder. Until about a month ago I was receiving maybe one spam a week in my main personal email address that I haven’t used when signing up with any site I thought might “lose” it.

Then a month or so ago I began receiving like 10+ spams a day and the only account I remember signing up with that email address in the last few months was TD Ameritrade…