lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: ptourvi1 at twcny.rr.com (JT)
Subject: Implications of outsourcing email

It's pretty simple although not quite convenient. When I got the fraud email
I called BestBuy to find out what was going on as it was clearly a false
email. They had a recording explaining the situation...3 days later I got
the email about it. When in doubt, call directly lol

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of rajesh
> Sent: Monday, June 23, 2003 12:02 PM
> To: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] Implications of outsourcing email
> 
> 
> In spite of all the trust implications in outsourcing e-mail 
> communications, why would any company use a 3rd party mail service 
> provider, especially, to sent a "E-Mail hoax notification"?
> 
> How would one distinguish the original fraudulent email from 
> this real 
> alert email? Return address does not point to BestBuy, the 
> URL's don't 
> point to BestBuy.
> 
> (If I click thru some of this potentially spam-like links I do reach 
> BestBuy page with the real warning. But the fraudulent mail 
> had the same 
> features.)
> 
> Rva
> 
> 
> 
> -------- Original Message --------
> 
> Received: from mailer13.postfuture.com ([64.5.35.13]) by 
> mc5-f30.law1.hotmail.com with Microsoft 
> SMTPSVC(5.0.2195.5600);	 Sat, 21 
> Jun 2003 07:22:02 -0700
> Received: from postfuture.com (64.5.35.58)  by 
> mailer13.postfuture.com 
> with SMTP; 21 Jun 2003 09:35:26 -0600
> Message-Id: <28743v$11eslg@...nport.postfuture.com>
> To: XXXXXX
> From: Best Buy <bestbuysecurityinfo@...tfuture.com>
> Subject: Official Notification from Best Buy
> Reply-To: Best Buy <bestbuysecurityinfo@...tfuture.com>
> Errors-To: PPBounces@...tfuture.com
> X-PF-ERID: 387;;54254944
> MIME-Version: 1.0
> Content-Type: multipart/alternative;	boundary="----+PF_NextPart1"
> Return-Path: bestbuysecurityinfo@...tfuture.com
> X-OriginalArrivalTime: 21 Jun 2003 14:22:02.0958 (UTC) 
> FILETIME=[7C178EE0:01C33800]
> Date: 21 Jun 2003 07:22:02 -0700
> 
> *******************************************************
> IMPORTANT E-MAIL HOAX NOTIFICATION
> *******************************************************
> 
> Late Wednesday afternoon, June 18, 2003,
> Best Buy became aware of an unauthorized and
> deceptive e-mail to consumers titled "Fraud Alert."
> That e-mail message, which requested personal information
> (i.e., social security and credit card numbers), claimed to
> come from the BestBuy.com Fraud Department. That
> message was NOT from Best Buy or any of our affiliates.
> 
> Best Buy is working with the appropriate law enforcement
> authorities to quickly resolve the situation. We are working
> to shut down sites affiliated with that unauthorized e-mail and
> Best Buy
> will work with law enforcement authorities to prosecute any
> perpetrators involved in this illegal act to the fullest extent
> of the law. If you replied to the fraudulent e-mail in any way,
> contact your bank and/or credit card companies immediately.
> 
> No Best Buy systems have been compromised, and our online
> business is secure. The privacy of your personal information is
> of the utmost importance to Best Buy and any information you
> provide to us is handled according to our Privacy Policy.
> To view our Privacy Policy, please visit:
> http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url4&e=387;;5425
> 4944&a=1006
> 
> As part of the preparation for the relaunch of BestBuy.com,
> online purchasing will be temporarily unavailable beginning
> Friday, June 20; however, our product information and helpful
> resource articles will still be available. Rest assured, the
> fraudulent e-mail will not affect the launch of our
> redesigned Web site.
> 
> If you have any questions, call Customer Care at
> 1-888-BEST BUY (237-8289) or visit our Online Pressroom at:
> http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url5&e=387;;5425
4944&a=1006

To find out more about protecting your information, visit the
Federal Trade Commission's Identity Theft Web site at:
http://bestbuy.postfuture.com/P/v3/r.asp?r=T1_Url6&e=387;;54254944&a=1006

Thank you for being a valued Best Buy customer.



If you've opted out of Best Buy promotional e-mails, don't worry:
you haven't been signed up again. We just wanted to make sure
you knew about this situation, regardless of whether you receive
Best Buy promotional e-mails. You will NOT continue to receive
Best Buy promotional e-mails. Thank you.























_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ