Full Disclosure mailing list archives
Re: Implications of outsourcing email
From: Gabe Arnold <f0x () squirrelsoup net>
Date: Mon, 23 Jun 2003 13:02:54 -0400
I got this too, and agree it looks sketchy, pehaps someone got hold of their list and wants to see what e-mails are still 'alive'? And what people are prone to click on everything they see. --gabe * rajesh (secvar72 () hotmail com) wrote:
In spite of all the trust implications in outsourcing e-mail communications, why would any company use a 3rd party mail service provider, especially, to sent a "E-Mail hoax notification"? How would one distinguish the original fraudulent email from this real alert email? Return address does not point to BestBuy, the URL's don't point to BestBuy. (If I click thru some of this potentially spam-like links I do reach BestBuy page with the real warning. But the fraudulent mail had the same features.) Rva -------- Original Message -------- Received: from mailer13.postfuture.com ([64.5.35.13]) by mc5-f30.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Sat, 21 Jun 2003 07:22:02 -0700 Received: from postfuture.com (64.5.35.58) by mailer13.postfuture.com with SMTP; 21 Jun 2003 09:35:26 -0600 Message-Id: <28743v$11eslg () ironport postfuture com> To: XXXXXX From: Best Buy <bestbuysecurityinfo () postfuture com> Subject: Official Notification from Best Buy Reply-To: Best Buy <bestbuysecurityinfo () postfuture com> Errors-To: PPBounces () postfuture com X-PF-ERID: 387;;54254944 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----+PF_NextPart1" Return-Path: bestbuysecurityinfo () postfuture com X-OriginalArrivalTime: 21 Jun 2003 14:22:02.0958 (UTC) FILETIME=[7C178EE0:01C33800] Date: 21 Jun 2003 07:22:02 -0700 ******************************************************* IMPORTANT E-MAIL HOAX NOTIFICATION ******************************************************* Late Wednesday afternoon, June 18, 2003, Best Buy became aware of an unauthorized and deceptive e-mail to consumers titled "Fraud Alert." That e-mail message, which requested personal information (i.e., social security and credit card numbers), claimed to come from the BestBuy.com Fraud Department. That message was NOT from Best Buy or any of our affiliates. Best Buy is working with the appropriate law enforcement authorities to quickly resolve the situation. We are working to shut down sites affiliated with that unauthorized e-mail and Best Buy will work with law enforcement authorities to prosecute any perpetrators involved in this illegal act to the fullest extent of the law. If you replied to the fraudulent e-mail in any way, contact your bank and/or credit card companies immediately. No Best Buy systems have been compromised, and our online business is secure. The privacy of your personal information is of the utmost importance to Best Buy and any information you provide to us is handled according to our Privacy Policy. To view our Privacy Policy, please visit: http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url4&e=387;;54254944&a=1006 As part of the preparation for the relaunch of BestBuy.com, online purchasing will be temporarily unavailable beginning Friday, June 20; however, our product information and helpful resource articles will still be available. Rest assured, the fraudulent e-mail will not affect the launch of our redesigned Web site. If you have any questions, call Customer Care at 1-888-BEST BUY (237-8289) or visit our Online Pressroom at: http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url5&e=387;;54254944&a=1006 To find out more about protecting your information, visit the Federal Trade Commission's Identity Theft Web site at: http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url6&e=387;;54254944&a=1006 Thank you for being a valued Best Buy customer. If you've opted out of Best Buy promotional e-mails, don't worry: you haven't been signed up again. We just wanted to make sure you knew about this situation, regardless of whether you receive Best Buy promotional e-mails. You will NOT continue to receive Best Buy promotional e-mails. Thank you. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Implications of outsourcing email rajesh (Jun 23)
- Re: Implications of outsourcing email Gabe Arnold (Jun 23)
- Re: Implications of outsourcing email Roy S. Rapoport (Jun 23)
- Re: Implications of outsourcing email Neil McKellar (Jun 23)
- Re: Implications of outsourcing email Roy S. Rapoport (Jun 23)
- RE: Implications of outsourcing email JT (Jun 23)
- <Possible follow-ups>
- RE: Implications of outsourcing email Vine, Matthew T (Jun 23)
- Re: Implications of outsourcing email Roy S. Rapoport (Jun 23)
- Re: Implications of outsourcing email Gabe Arnold (Jun 23)