Main site > MoneySavingExpert.com Forums > Household & Travel > Praise, Vent & Warnings > Spam from "GSN" to e-mail address regis... (Page 1)

IMPORTANT! This is MoneySavingExpert's open forum - anyone can post

Please exercise caution & report any spam, illegal, offensive, racist, libellous post to forumteam@moneysavingexpert.com

  • Be nice to all MoneySavers
  • All the best tips go in the MoneySavingExpert weekly email

    Plus all the new guides, deals & loopholes

  • No spam/referral links
or Login with Facebook
Spam from "GSN" to e-mail address registered on Play.com
Closed Thread
Views: 27,927
Thread Tools Search this Thread Display Modes
# 1
DonnyDave
Old 20-03-2011, 2:20 PM
Serious MoneySaving Fan
 
Join Date: Oct 2004
Location: Yorkshire
Posts: 1,496
Default Spam from "GSN" to e-mail address registered on Play.com

I have just received a spam message to play@mydomain which has only ever been given to online retailer Play.com:


Quote:
From: GSN - Play Every Day <GSNnews@email.gsn.com>
Subject: Get more done, much faster, with Acrobat X PDF Reader. Upgrade Available Now
__________
GETTING MORE DONE AT WORK NOW COMES IN A CONVENIENT BOX

See how Adobe Acrobat X Reader is a step above anything you've experienced before, so you can be even more productive.

Upgrade now: <spam link removed>

Just how much faster can you work with Adobe Acrobat PDF Reader
software? Fast enough to stay on top of last-minute changes, connect
with key decision makers, and share updates with co-workers.

You'll discover how easy it is to reuse content by exporting PDF files
to Microsoft Word or Excel formats. And how quickly you can automate
multi-step tasks with new, guided Actions. No wonder PC Magazine
says, "There's a lot to like in Acrobat X PDF Reader." See for yourself at :

<spam link removed>

Copyright 2011 Adobe Systems Incorporated. All rights reserved.

Adobe Systems Incorporated
343 Preston Street
Ottawa, ON K1S 1N4
Canada
I am concerned that this may be as a result of a security breach at Play.com.

Last edited by DonnyDave; 20-03-2011 at 11:09 PM. Reason: Link removed
DonnyDave is offline
Report Post
The Following 2 Users Say Thank You to DonnyDave For This Useful Post: Show me >>
# 2
lizards
Old 20-03-2011, 2:37 PM
MoneySaving Convert
 
Join Date: Mar 2011
Posts: 82
Default

Same here - received two this morning. One sent to my play@ [my domain] and the other to play247@ [my domain] which is clearly an address I've held for many years as I forgot I even had it or that Play even had a different name back in the day! So the addresses they've got must be going back years.

And some people wonder why every company I give my details to I use their name @ [my domain].. Caught plenty of them this way.
lizards is offline
Report Post
# 3
garb
Old 20-03-2011, 2:38 PM
MoneySaving Newbie
 
Join Date: Mar 2011
Posts: 4
Default

Same thing just happened to me.. email address I've only given to play.com and same dodgy looking email.

I wonder if the email addresses have been stolen or sold.
garb is offline
Report Post
# 4
DonnyDave
Old 20-03-2011, 2:43 PM
Serious MoneySaving Fan
 
Join Date: Oct 2004
Location: Yorkshire
Posts: 1,496
Default

I have sent a copy of this spam e-mail to John Perkins who is listed as Play.com's CEO at www.!!!!!!!!!!!!!

Perhaps others could do the same.
DonnyDave is offline
Report Post
# 5
GuiltyCol
Old 20-03-2011, 3:01 PM
MoneySaving Newbie
 
Join Date: Mar 2011
Posts: 4
Default

Me too. I have just sent this email to play.com:

Quote:
Hi,

When I registered my account with play.com, I used a unique email address: [snip]. This is an email alias that fowards to my real email account. I have never given this email address to anyone else, or used it on any other website.

Today then I was surprised to receive spam addressed to that email address, selling something allegedly from adobe, promoting the url: "official-adobe-acrobatx.com". I am not alone in this, see other people complaining here:

forums.moneysavingexpert.com/showthread.php?p=42142988

Play.com have either sold my email address on to some spammer, or you have had a breach of security and email addresses have been harvested. If the latter, what other personal data might have been stolen?

I appreciate your swift investigation and response, before I bring this matter up with the Data Protection Act Information Commissioner.
GuiltyCol is offline
Report Post
# 6
capate
Old 20-03-2011, 3:08 PM
MoneySaving Convert
 
Join Date: Apr 2004
Posts: 15
Default

Same here, have also sent email to John Perkins
capate is offline
Report Post
# 7
butters
Old 20-03-2011, 3:10 PM
MoneySaving Newbie
 
Join Date: Mar 2008
Posts: 11
Default

Hi same here, got one today to play @ my domain. Last year I had someone try and make an order on my account shipping to an address in Milton Keynes, play blamed me even though I know my PC was clean and password was unique, a bit of googling suggested many others were affected, police didn't seem to care.

It's a joke that play don't allow you to remove your card details, they obviously have security issues but won't ever admit it so they least they could do is offer paypal or a trusted method of payments.
butters is offline
Report Post
The Following User Says Thank You to butters For This Useful Post: Show me >>
# 8
8u87fhsd
Old 20-03-2011, 3:34 PM
MoneySaving Convert
 
Join Date: Mar 2008
Posts: 28
Default Dictionary Guess??

Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?

Also, having the website name as the bit before the @ seems to becoming more common & actually slightly reduces security as the bad guy can now make an educated guess at the email address (rather than it being freddy34 @ sky.com or whatever).

N.B. I've also got my domain & I've just changed my Play pwd just in case.

Just because your paranoid doesn't mean they're not out to get you.

FWIW - Touch wood but I've never had a problem with Play, no dodgy orders, no items go missing, no OTT packaging & no issue with returns

Last edited by 8u87fhsd; 20-03-2011 at 3:40 PM.
8u87fhsd is offline
Report Post
The Following User Says Thank You to 8u87fhsd For This Useful Post: Show me >>
# 9
halfer
Old 20-03-2011, 3:44 PM
MoneySaving Convert
 
Join Date: Mar 2011
Posts: 38
Default

Thanks to all contributors on this thread. I received the same item of spam via a "GSN" cross-promotion this afternoon, 20 March 2011.

I don't think my item of spam was a dictionary guess - my per-provider email addresses have a common suffix in order for them to be forwarded onto my usual email address. Random aliases going to my domain are just sent to a spam bin, which I check once in a blue moon.

So, I've just complained to privacy@play.com - sounds like the best place to complain. I will also complain to the IC, but I thought I'd give them a chance to look into it first.

I caught BT this way before, so - as @lizards says - using customised email aliases is an excellent way to catch 'em at it
halfer is offline
Report Post
# 10
capate
Old 20-03-2011, 3:46 PM
MoneySaving Convert
 
Join Date: Apr 2004
Posts: 15
Default

Quote:
Originally Posted by 8u87fhsd View Post
Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?
Then wouldn't my inbox be full of similar emails with all the other dictionarywords (used) @ mydomain?
capate is offline
Report Post
The Following 2 Users Say Thank You to capate For This Useful Post: Show me >>
# 11
butters
Old 20-03-2011, 3:47 PM
MoneySaving Newbie
 
Join Date: Mar 2008
Posts: 11
Default

Quote:
Originally Posted by 8u87fhsd View Post
Could it be that we are all just a bit too paranoid & all that is happened is the spammer as used a dictionary to email [dictionaryword] @ domain?

Also, having the website name as the bit before the @ seems to becoming more common & actually slightly reduces security as the bad guy can now make an educated guess at the email address (rather than it being freddy34@sky.com or whatever).

N.B. I've also got my domain & I've just changed my Play pwd just in case.

Just because your paranoid doesn't mean they're not out to get you.

FYI - Touch wood but I've never had a problem with Play, no dodgy orders, no items go missing, no OTT packaging & no issue with returns
I think you're being naive, I have my email set up so any word or in fact anything prefixing my domain will be forwarded to my email. If the scenario you are describing where a bot was being used to randomly guess words then I would have received more than the one email I have from play. Another factor is that my domain has no website linked to it so I never receive spam because there is no site attached to it, this spam email from play.com is the first spam that has managed to get through to my email in 3 years.
butters is offline
Report Post
The Following User Says Thank You to butters For This Useful Post: Show me >>
# 12
bonzer
Old 20-03-2011, 3:47 PM
MoneySaving Stalwart
 
Join Date: Apr 2005
Location: Gloucestershire
Posts: 397
Default

I've got it too to an address only given to play.com.

The links in the e-mail I got seem to actually point to "gsn.com" which is some company called "Game Show Network".

The domain the link purports to point to (official-adobe-acrobatx.com) has got fairly fake looking whois details in New York and is registered with a Russian registrar.

Quote:
Originally Posted by 8u87fhsd View Post
Could it be that we are all just a bit too paranoid & all that is happened is the spammer as used a dictionary to email [dictionaryword] @ domain?
Don't think so as they didn't try any other address, just that one.

bonzer is offline
Report Post
# 13
garb
Old 20-03-2011, 3:50 PM
MoneySaving Newbie
 
Join Date: Mar 2011
Posts: 4
Default

Quote:
Originally Posted by 8u87fhsd View Post
Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?
That would be possible but in this case my email wasn't play@...

My guess is the addresses have been stolen by someone.

The email being sent out is from an online gaming company, the links aren't actually to an adobe web address.. I'm not about to click one to see where I end up though!
garb is offline
Report Post
The Following User Says Thank You to garb For This Useful Post: Show me >>
# 14
halfer
Old 20-03-2011, 3:51 PM
MoneySaving Convert
 
Join Date: Mar 2011
Posts: 38
Default

Incidentally, there is a discussion on a GSN forum going on today regarding this issue - no mention of play.com though. I will see if I can post there and ask if there are any play.com customers amongst them.

(Not hyperlinked, as I am not allowed to post links here - remove space to view)

ww w.gsn.com/forums/showthread.php?t=891&p=13307
halfer is offline
Report Post
# 15
garb
Old 20-03-2011, 4:02 PM
MoneySaving Newbie
 
Join Date: Mar 2011
Posts: 4
Default

Quote:
Originally Posted by bonzer View Post

The domain the link purports to point to (official-adobe-acrobatx.com) has got fairly fake looking whois details in New York and is registered with a Russian registrar.
OK, I'm now upgrading my paranoia to...

The email addresses at Play (possibly just the newsletter) have been stolen.
The mailserver/newsletter system at GSN has been hacked.
The link is full of malware (not visited). (Domain registered today)

There was an attack the other week via a advertising network. Wonder if this is the same people.. Play must have millions of email addresses.
garb is offline
Report Post
# 16
halfer
Old 20-03-2011, 4:17 PM
MoneySaving Convert
 
Join Date: Mar 2011
Posts: 38
Default

Well, after much faffing with GSN's terrible sign-up system, I've posted a note, linking back to here. We'll see if the flurry of email received by GSN members has anything to do with them being play.com customers as well.
halfer is offline
Report Post
# 17
halfer
Old 20-03-2011, 4:22 PM
MoneySaving Convert
 
Join Date: Mar 2011
Posts: 38
Default

Dammit - credit card details cannot easily be deleted from play - afaict anyway. Hopefully when their PR machinery starts dealing with this tomorrow, people here can request for this feature (other UK retailers like Wiggle already do). Still, whilst it is unclear that sensitive data has been taken as well, deleting it now may be a case of shutting the stable door after...
halfer is offline
Report Post
# 18
pelago
Old 20-03-2011, 4:29 PM
MoneySaving Newbie
 
Join Date: Nov 2007
Posts: 6
Default

I also received this spam to the unique email address that I only ever gave to play.com, and have emailed privacy@play.com.
pelago is offline
Report Post
# 19
halfer
Old 20-03-2011, 4:31 PM
MoneySaving Convert
 
Join Date: Mar 2011
Posts: 38
Default

Firefox users - don't forget to visit the site in question and then click "Help ->Report Web Forgery". This sends an anonymous report to Google, which is used by Firefox and others to warn users if the site they're on is potentially malicious.

(Edit: needless to say, don't follow the links in the item of spam. They'll report that your email address is working, and you'll get more spam. Use the links in the first post.)

Last edited by halfer; 20-03-2011 at 4:33 PM.
halfer is offline
Report Post
The Following User Says Thank You to halfer For This Useful Post: Show me >>
# 20
VariousArtists
Old 20-03-2011, 5:20 PM
MoneySaving Newbie
 
Join Date: Mar 2011
Posts: 2
Default

If you want to delete your credit card number, you can replace it with a fake one:
4111 1111 1111 1111
Postcode: A1
Phone number: 0
And just make something up for everything else.
VariousArtists is offline
Report Post
The Following User Says Thank You to VariousArtists For This Useful Post: Show me >>
Closed Thread

Bookmarks
 
 




Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

 Forum Jump  

Contact Us - MoneySavingExpert.com - Archive - Privacy Statement - Top

Powered by vBulletin® Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

All times are GMT +1. The time now is 6:58 AM.

 Forum Jump  

Free MoneySaving Email

Top deals: Week of 23 April 2014

Get all this & more in MoneySavingExpert's weekly email full of guides, vouchers and Deals

GET THIS FREE WEEKLY EMAIL Full of deals, guides & it's spam free

Latest News & Blogs

Martin's Twitter Feed

profile

Cheap Travel Money

Find the best online rate for holiday cash with MSE's TravelMoneyMax.

Find the best online rate for your holiday cash with MoneySavingExpert's TravelMoneyMax.

TuneChecker Top Albums

  • VARIOUS ARTISTSNOW THAT'S WHAT I CALL MUSIC! 87
  • VARIOUS ARTISTSFROZEN (ORIGINAL MOTION PICTURE SOUNDTRACK)
  • VARIOUS ARTISTSNOW THAT'S WHAT I CALL 21ST CENTURY

MSE's Twitter Feed

profile
Always remember anyone can post on the MSE forums, so it can be very different from our opinion.
We use Skimlinks and other affiliated links in some of our boards, for some of our users.