Spam from "GSN" to e-mail address regis...

[DonnyDave]

I have just received a spam message to play@mydomain which has only ever been given to online retailer Play.com:

Quote:

From: GSN - Play Every Day <GSNnews@email.gsn.com>
Subject: Get more done, much faster, with Acrobat X PDF Reader. Upgrade Available Now
__________
GETTING MORE DONE AT WORK NOW COMES IN A CONVENIENT BOX

See how Adobe Acrobat X Reader is a step above anything you've experienced before, so you can be even more productive.

Upgrade now: <spam link removed>

Just how much faster can you work with Adobe Acrobat PDF Reader
software? Fast enough to stay on top of last-minute changes, connect
with key decision makers, and share updates with co-workers.

You'll discover how easy it is to reuse content by exporting PDF files
to Microsoft Word or Excel formats. And how quickly you can automate
multi-step tasks with new, guided Actions. No wonder PC Magazine
says, "There's a lot to like in Acrobat X PDF Reader." See for yourself at :

<spam link removed>

Copyright 2011 Adobe Systems Incorporated. All rights reserved.

Adobe Systems Incorporated
343 Preston Street
Ottawa, ON K1S 1N4
Canada

I am concerned that this may be as a result of a security breach at Play.com.

[lizards]

Same here - received two this morning. One sent to my play@ [my domain] and the other to play247@ [my domain] which is clearly an address I've held for many years as I forgot I even had it or that Play even had a different name back in the day! So the addresses they've got must be going back years.

And some people wonder why every company I give my details to I use their name @ [my domain].. Caught plenty of them this way.

[garb]

Same thing just happened to me.. email address I've only given to play.com and same dodgy looking email.

I wonder if the email addresses have been stolen or sold.

[DonnyDave]

I have sent a copy of this spam e-mail to John Perkins who is listed as Play.com's CEO at www.!!!!!!!!!!!!!

Perhaps others could do the same.

[GuiltyCol]

Me too. I have just sent this email to play.com:

Quote:

Hi,

When I registered my account with play.com, I used a unique email address: [snip]. This is an email alias that fowards to my real email account. I have never given this email address to anyone else, or used it on any other website.

Today then I was surprised to receive spam addressed to that email address, selling something allegedly from adobe, promoting the url: "official-adobe-acrobatx.com". I am not alone in this, see other people complaining here:

forums.moneysavingexpert.com/showthread.php?p=42142988

Play.com have either sold my email address on to some spammer, or you have had a breach of security and email addresses have been harvested. If the latter, what other personal data might have been stolen?

I appreciate your swift investigation and response, before I bring this matter up with the Data Protection Act Information Commissioner.

[capate]

Same here, have also sent email to John Perkins

[butters]

Hi same here, got one today to play @ my domain. Last year I had someone try and make an order on my account shipping to an address in Milton Keynes, play blamed me even though I know my PC was clean and password was unique, a bit of googling suggested many others were affected, police didn't seem to care.

It's a joke that play don't allow you to remove your card details, they obviously have security issues but won't ever admit it so they least they could do is offer paypal or a trusted method of payments.

[8u87fhsd]

Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?

Also, having the website name as the bit before the @ seems to becoming more common & actually slightly reduces security as the bad guy can now make an educated guess at the email address (rather than it being freddy34 @ sky.com or whatever).

N.B. I've also got my domain & I've just changed my Play pwd just in case.

Just because your paranoid doesn't mean they're not out to get you.

FWIW - Touch wood but I've never had a problem with Play, no dodgy orders, no items go missing, no OTT packaging & no issue with returns

[halfer]

Thanks to all contributors on this thread. I received the same item of spam via a "GSN" cross-promotion this afternoon, 20 March 2011.

I don't think my item of spam was a dictionary guess - my per-provider email addresses have a common suffix in order for them to be forwarded onto my usual email address. Random aliases going to my domain are just sent to a spam bin, which I check once in a blue moon.

So, I've just complained to privacy@play.com - sounds like the best place to complain. I will also complain to the IC, but I thought I'd give them a chance to look into it first.

I caught BT this way before, so - as @lizards says - using customised email aliases is an excellent way to catch 'em at it

[capate]

Quote:

Originally Posted by 8u87fhsd

Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?

Then wouldn't my inbox be full of similar emails with all the other dictionarywords (used) @ mydomain?

[butters]

Quote:

Originally Posted by 8u87fhsd

Could it be that we are all just a bit too paranoid & all that is happened is the spammer as used a dictionary to email [dictionaryword] @ domain?

Also, having the website name as the bit before the @ seems to becoming more common & actually slightly reduces security as the bad guy can now make an educated guess at the email address (rather than it being freddy34@sky.com or whatever).

N.B. I've also got my domain & I've just changed my Play pwd just in case.

Just because your paranoid doesn't mean they're not out to get you.

FYI - Touch wood but I've never had a problem with Play, no dodgy orders, no items go missing, no OTT packaging & no issue with returns

I think you're being naive, I have my email set up so any word or in fact anything prefixing my domain will be forwarded to my email. If the scenario you are describing where a bot was being used to randomly guess words then I would have received more than the one email I have from play. Another factor is that my domain has no website linked to it so I never receive spam because there is no site attached to it, this spam email from play.com is the first spam that has managed to get through to my email in 3 years.

[bonzer]

I've got it too to an address only given to play.com.

The links in the e-mail I got seem to actually point to "gsn.com" which is some company called "Game Show Network".

The domain the link purports to point to (official-adobe-acrobatx.com) has got fairly fake looking whois details in New York and is registered with a Russian registrar.

Quote:

Originally Posted by 8u87fhsd

Could it be that we are all just a bit too paranoid & all that is happened is the spammer as used a dictionary to email [dictionaryword] @ domain?

Don't think so as they didn't try any other address, just that one.

[garb]

Quote:

Originally Posted by 8u87fhsd

Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?

That would be possible but in this case my email wasn't play@...

My guess is the addresses have been stolen by someone.

The email being sent out is from an online gaming company, the links aren't actually to an adobe web address.. I'm not about to click one to see where I end up though!

[halfer]

Incidentally, there is a discussion on a GSN forum going on today regarding this issue - no mention of play.com though. I will see if I can post there and ask if there are any play.com customers amongst them.

(Not hyperlinked, as I am not allowed to post links here - remove space to view)

ww w.gsn.com/forums/showthread.php?t=891&p=13307

[garb]

Quote:

Originally Posted by bonzer

The domain the link purports to point to (official-adobe-acrobatx.com) has got fairly fake looking whois details in New York and is registered with a Russian registrar.

OK, I'm now upgrading my paranoia to...

The email addresses at Play (possibly just the newsletter) have been stolen.
The mailserver/newsletter system at GSN has been hacked.
The link is full of malware (not visited). (Domain registered today)

There was an attack the other week via a advertising network. Wonder if this is the same people.. Play must have millions of email addresses.

[halfer]

Well, after much faffing with GSN's terrible sign-up system, I've posted a note, linking back to here. We'll see if the flurry of email received by GSN members has anything to do with them being play.com customers as well.

[halfer]

Dammit - credit card details cannot easily be deleted from play - afaict anyway. Hopefully when their PR machinery starts dealing with this tomorrow, people here can request for this feature (other UK retailers like Wiggle already do). Still, whilst it is unclear that sensitive data has been taken as well, deleting it now may be a case of shutting the stable door after...

[pelago]

I also received this spam to the unique email address that I only ever gave to play.com, and have emailed privacy@play.com.

[halfer]

Firefox users - don't forget to visit the site in question and then click "Help ->Report Web Forgery". This sends an anonymous report to Google, which is used by Firefox and others to warn users if the site they're on is potentially malicious.

(Edit: needless to say, don't follow the links in the item of spam. They'll report that your email address is working, and you'll get more spam. Use the links in the first post.)

[VariousArtists]

If you want to delete your credit card number, you can replace it with a fake one:
4111 1111 1111 1111
Postcode: A1
Phone number: 0
And just make something up for everything else.