Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • DonnyDave
    • By DonnyDave 20th Mar 11, 2:20 PM
    • 1,552Posts
    • 428Thanks
    DonnyDave
    Spam from "GSN" to e-mail address registered on Play.com
    • #1
    • 20th Mar 11, 2:20 PM
    Spam from "GSN" to e-mail address registered on Play.com 20th Mar 11 at 2:20 PM
    I have just received a spam message to play@mydomain which has only ever been given to online retailer Play.com:


    From: GSN - Play Every Day <GSNnews@email.gsn.com>
    Subject: Get more done, much faster, with Acrobat X PDF Reader. Upgrade Available Now
    __________
    GETTING MORE DONE AT WORK NOW COMES IN A CONVENIENT BOX

    See how Adobe Acrobat X Reader is a step above anything you've experienced before, so you can be even more productive.

    Upgrade now: <spam link removed>

    Just how much faster can you work with Adobe Acrobat PDF Reader
    software? Fast enough to stay on top of last-minute changes, connect
    with key decision makers, and share updates with co-workers.

    You'll discover how easy it is to reuse content by exporting PDF files
    to Microsoft Word or Excel formats. And how quickly you can automate
    multi-step tasks with new, guided Actions. No wonder PC Magazine
    says, "There's a lot to like in Acrobat X PDF Reader." See for yourself at :

    <spam link removed>

    Copyright 2011 Adobe Systems Incorporated. All rights reserved.

    Adobe Systems Incorporated
    343 Preston Street
    Ottawa, ON K1S 1N4
    Canada
    I am concerned that this may be as a result of a security breach at Play.com.
    Last edited by DonnyDave; 20-03-2011 at 11:09 PM. Reason: Link removed
    Dave
    Say no to 0870!
Page 1
    • lizards
    • By lizards 20th Mar 11, 2:37 PM
    • 213 Posts
    • 62 Thanks
    lizards
    • #2
    • 20th Mar 11, 2:37 PM
    • #2
    • 20th Mar 11, 2:37 PM
    Same here - received two this morning. One sent to my play@ [my domain] and the other to play247@ [my domain] which is clearly an address I've held for many years as I forgot I even had it or that Play even had a different name back in the day! So the addresses they've got must be going back years.

    And some people wonder why every company I give my details to I use their name @ [my domain].. Caught plenty of them this way.
  • garb
    • #3
    • 20th Mar 11, 2:38 PM
    • #3
    • 20th Mar 11, 2:38 PM
    Same thing just happened to me.. email address I've only given to play.com and same dodgy looking email.

    I wonder if the email addresses have been stolen or sold.
    • DonnyDave
    • By DonnyDave 20th Mar 11, 2:43 PM
    • 1,552 Posts
    • 428 Thanks
    DonnyDave
    • #4
    • 20th Mar 11, 2:43 PM
    • #4
    • 20th Mar 11, 2:43 PM
    I have sent a copy of this spam e-mail to John Perkins who is listed as Play.com's CEO at www.!!!!!!!!!!!!!

    Perhaps others could do the same.
    Dave
    Say no to 0870!
  • GuiltyCol
    • #5
    • 20th Mar 11, 3:01 PM
    • #5
    • 20th Mar 11, 3:01 PM
    Me too. I have just sent this email to play.com:

    Hi,

    When I registered my account with play.com, I used a unique email address: [snip]. This is an email alias that fowards to my real email account. I have never given this email address to anyone else, or used it on any other website.

    Today then I was surprised to receive spam addressed to that email address, selling something allegedly from adobe, promoting the url: "official-adobe-acrobatx.com". I am not alone in this, see other people complaining here:

    forums.moneysavingexpert.com/showthread.php?p=42142988

    Play.com have either sold my email address on to some spammer, or you have had a breach of security and email addresses have been harvested. If the latter, what other personal data might have been stolen?

    I appreciate your swift investigation and response, before I bring this matter up with the Data Protection Act Information Commissioner.
  • capate
    • #6
    • 20th Mar 11, 3:08 PM
    • #6
    • 20th Mar 11, 3:08 PM
    Same here, have also sent email to John Perkins
  • butters
    • #7
    • 20th Mar 11, 3:10 PM
    • #7
    • 20th Mar 11, 3:10 PM
    Hi same here, got one today to play @ my domain. Last year I had someone try and make an order on my account shipping to an address in Milton Keynes, play blamed me even though I know my PC was clean and password was unique, a bit of googling suggested many others were affected, police didn't seem to care.

    It's a joke that play don't allow you to remove your card details, they obviously have security issues but won't ever admit it so they least they could do is offer paypal or a trusted method of payments.
  • 8u87fhsd
    • #8
    • 20th Mar 11, 3:34 PM
    Dictionary Guess??
    • #8
    • 20th Mar 11, 3:34 PM
    Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?

    Also, having the website name as the bit before the @ seems to becoming more common & actually slightly reduces security as the bad guy can now make an educated guess at the email address (rather than it being freddy34 @ sky.com or whatever).

    N.B. I've also got my domain & I've just changed my Play pwd just in case.

    Just because your paranoid doesn't mean they're not out to get you.

    FWIW - Touch wood but I've never had a problem with Play, no dodgy orders, no items go missing, no OTT packaging & no issue with returns
    Last edited by 8u87fhsd; 20-03-2011 at 3:40 PM.
  • halfer
    • #9
    • 20th Mar 11, 3:44 PM
    • #9
    • 20th Mar 11, 3:44 PM
    Thanks to all contributors on this thread. I received the same item of spam via a "GSN" cross-promotion this afternoon, 20 March 2011.

    I don't think my item of spam was a dictionary guess - my per-provider email addresses have a common suffix in order for them to be forwarded onto my usual email address. Random aliases going to my domain are just sent to a spam bin, which I check once in a blue moon.

    So, I've just complained to privacy@play.com - sounds like the best place to complain. I will also complain to the IC, but I thought I'd give them a chance to look into it first.

    I caught BT this way before, so - as @lizards says - using customised email aliases is an excellent way to catch 'em at it
  • capate
    Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?
    Originally posted by 8u87fhsd
    Then wouldn't my inbox be full of similar emails with all the other dictionarywords (used) @ mydomain?
  • butters
    Could it be that we are all just a bit too paranoid & all that is happened is the spammer as used a dictionary to email [dictionaryword] @ domain?

    Also, having the website name as the bit before the @ seems to becoming more common & actually slightly reduces security as the bad guy can now make an educated guess at the email address (rather than it being freddy34@sky.com or whatever).

    N.B. I've also got my domain & I've just changed my Play pwd just in case.

    Just because your paranoid doesn't mean they're not out to get you.

    FYI - Touch wood but I've never had a problem with Play, no dodgy orders, no items go missing, no OTT packaging & no issue with returns
    Originally posted by 8u87fhsd
    I think you're being naive, I have my email set up so any word or in fact anything prefixing my domain will be forwarded to my email. If the scenario you are describing where a bot was being used to randomly guess words then I would have received more than the one email I have from play. Another factor is that my domain has no website linked to it so I never receive spam because there is no site attached to it, this spam email from play.com is the first spam that has managed to get through to my email in 3 years.
    • bonzer
    • By bonzer 20th Mar 11, 3:47 PM
    • 399 Posts
    • 194 Thanks
    bonzer
    I've got it too to an address only given to play.com.

    The links in the e-mail I got seem to actually point to "gsn.com" which is some company called "Game Show Network".

    The domain the link purports to point to (official-adobe-acrobatx.com) has got fairly fake looking whois details in New York and is registered with a Russian registrar.

    Could it be that we are all just a bit too paranoid & all that is happened is the spammer as used a dictionary to email [dictionaryword] @ domain?
    Originally posted by 8u87fhsd
    Don't think so as they didn't try any other address, just that one.

  • garb
    Could it be that we are all just a bit too paranoid & all that is happened is the spammer has used a dictionary to email [dictionaryword] @ domain?
    Originally posted by 8u87fhsd
    That would be possible but in this case my email wasn't play@...

    My guess is the addresses have been stolen by someone.

    The email being sent out is from an online gaming company, the links aren't actually to an adobe web address.. I'm not about to click one to see where I end up though!
  • halfer
    Incidentally, there is a discussion on a GSN forum going on today regarding this issue - no mention of play.com though. I will see if I can post there and ask if there are any play.com customers amongst them.

    (Not hyperlinked, as I am not allowed to post links here - remove space to view)

    ww w.gsn.com/forums/showthread.php?t=891&p=13307
  • garb

    The domain the link purports to point to (official-adobe-acrobatx.com) has got fairly fake looking whois details in New York and is registered with a Russian registrar.
    Originally posted by bonzer
    OK, I'm now upgrading my paranoia to...

    The email addresses at Play (possibly just the newsletter) have been stolen.
    The mailserver/newsletter system at GSN has been hacked.
    The link is full of malware (not visited). (Domain registered today)

    There was an attack the other week via a advertising network. Wonder if this is the same people.. Play must have millions of email addresses.
  • halfer
    Well, after much faffing with GSN's terrible sign-up system, I've posted a note, linking back to here. We'll see if the flurry of email received by GSN members has anything to do with them being play.com customers as well.
  • halfer
    Dammit - credit card details cannot easily be deleted from play - afaict anyway. Hopefully when their PR machinery starts dealing with this tomorrow, people here can request for this feature (other UK retailers like Wiggle already do). Still, whilst it is unclear that sensitive data has been taken as well, deleting it now may be a case of shutting the stable door after...
  • pelago
    I also received this spam to the unique email address that I only ever gave to play.com, and have emailed privacy@play.com.
  • halfer
    Firefox users - don't forget to visit the site in question and then click "Help ->Report Web Forgery". This sends an anonymous report to Google, which is used by Firefox and others to warn users if the site they're on is potentially malicious.

    (Edit: needless to say, don't follow the links in the item of spam. They'll report that your email address is working, and you'll get more spam. Use the links in the first post.)
    Last edited by halfer; 20-03-2011 at 4:33 PM.
  • VariousArtists
    If you want to delete your credit card number, you can replace it with a fake one:
    4111 1111 1111 1111
    Postcode: A1
    Phone number: 0
    And just make something up for everything else.
Welcome to our new Forum!

Our aim's to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

344Posts Today

1,997Users online

Martin's Twitter
  • RT @RichardJLloyd: Thanks Martin. One of the best things of the last 5 years was campaigning for consumers alongside you. See you soon. htt?

  • The new personal savings allowance - here's how it works... https://t.co/mW8Lc6cXZ2

  • Just heard @RichardJLloyd is stepping down as Exec Director of Which? He's been a brilliant ambassador for them, shame for the organisation

  • Follow Martin