| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: secvar72 at hotmail.com (rajesh) Subject: Implications of outsourcing email In spite of all the trust implications in outsourcing e-mail communications, why would any company use a 3rd party mail service provider, especially, to sent a "E-Mail hoax notification"? How would one distinguish the original fraudulent email from this real alert email? Return address does not point to BestBuy, the URL's don't point to BestBuy. (If I click thru some of this potentially spam-like links I do reach BestBuy page with the real warning. But the fraudulent mail had the same features.) Rva -------- Original Message -------- Received: from mailer13.postfuture.com ([64.5.35.13]) by mc5-f30.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Sat, 21 Jun 2003 07:22:02 -0700 Received: from postfuture.com (64.5.35.58) by mailer13.postfuture.com with SMTP; 21 Jun 2003 09:35:26 -0600 Message-Id: <28743v$11eslg@...nport.postfuture.com> To: XXXXXX From: Best Buy <bestbuysecurityinfo@...tfuture.com> Subject: Official Notification from Best Buy Reply-To: Best Buy <bestbuysecurityinfo@...tfuture.com> Errors-To: PPBounces@...tfuture.com X-PF-ERID: 387;;54254944 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----+PF_NextPart1" Return-Path: bestbuysecurityinfo@...tfuture.com X-OriginalArrivalTime: 21 Jun 2003 14:22:02.0958 (UTC) FILETIME=[7C178EE0:01C33800] Date: 21 Jun 2003 07:22:02 -0700 ******************************************************* IMPORTANT E-MAIL HOAX NOTIFICATION ******************************************************* Late Wednesday afternoon, June 18, 2003, Best Buy became aware of an unauthorized and deceptive e-mail to consumers titled "Fraud Alert." That e-mail message, which requested personal information (i.e., social security and credit card numbers), claimed to come from the BestBuy.com Fraud Department. That message was NOT from Best Buy or any of our affiliates. Best Buy is working with the appropriate law enforcement authorities to quickly resolve the situation. We are working to shut down sites affiliated with that unauthorized e-mail and Best Buy will work with law enforcement authorities to prosecute any perpetrators involved in this illegal act to the fullest extent of the law. If you replied to the fraudulent e-mail in any way, contact your bank and/or credit card companies immediately. No Best Buy systems have been compromised, and our online business is secure. The privacy of your personal information is of the utmost importance to Best Buy and any information you provide to us is handled according to our Privacy Policy. To view our Privacy Policy, please visit: http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url4&e=387;;54254944&a=1006 As part of the preparation for the relaunch of BestBuy.com, online purchasing will be temporarily unavailable beginning Friday, June 20; however, our product information and helpful resource articles will still be available. Rest assured, the fraudulent e-mail will not affect the launch of our redesigned Web site. If you have any questions, call Customer Care at 1-888-BEST BUY (237-8289) or visit our Online Pressroom at: http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url5&e=387;;54254944&a=1006 To find out more about protecting your information, visit the Federal Trade Commission's Identity Theft Web site at: http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url6&e=387;;54254944&a=1006 Thank you for being a valued Best Buy customer. If you've opted out of Best Buy promotional e-mails, don't worry: you haven't been signed up again. We just wanted to make sure you knew about this situation, regardless of whether you receive Best Buy promotional e-mails. You will NOT continue to receive Best Buy promotional e-mails. Thank you.
Powered by blists - more mailing lists