Spam from "GSN" to e-mail address registered on Play.com

1235715

Comments

  • dragonmeat
    dragonmeat Posts: 6 Forumite
    Internet_Pawn wrote: »
    Got the same email to playcom@[mydomain]. Play.com were totally unconcerned about it. Here's their reply to me:

    <snip>

    I'm not impressed, to say the least, particularly as it now seems I'm not the first to let them know. We need to keep this thread updated, if we want Play.com to take this seriously.


     I had almost exactly the same response from Play; it contained the additional paragraph
    Upon checking your account on our system, we can confirm that your details are secured and that there are no irregularities that may cause for alarm.
    A very bold statement to make! I wrote back saying I wasn't at all happy with their response (which is at best technically incorrect) and they've sent me a further reply. To be fair, it sounds like the incident is now on its way to someone who might understand security. They're going to have a fun day tomorrow.
  • dragonmeat
    dragonmeat Posts: 6 Forumite
    spiffer wrote: »
    So a breach at a third party is a possibility. The good news is it would be unlikely to include more sensitive data like passwords or credit card details. Not that this would absolve play.com of responsibility of course.

    I agree. If a third-party breach does turn out to be the cause, I hope it makes Play et al. think twice before selling their users' details to 'carefully selected business partners'. Even if they declare this in their privacy policy, they are failing in their duty of care to their customers if the information falls into the wrong hands and ultimately, they will be the ones who will take the resulting reputation hit.
  • olemartinorg
    olemartinorg Posts: 1 Newbie
    spiffer wrote: »
    A dump of the data handed to someone in the marketing department and then sold on or lost on a usb drive are much more likely (and I know from experience as a db admin that it does happen, even if you try to say "no"). So all this stuff about network security actually doesn't mean much.

    I'll confirm that! I once found a full database dump on the public web server for a certain international TV channels web site.. All those passwords were in plain text, and i found more than half a million unique e-mail addresses from a recent competition they hosted.

    So yeah, i found you all via Google - after i came to doubt the same generic reply I got from Play.com after I sent them an email earlier today. Also, my Firefox tells me that official-adobe-acrobatx.com is now listed as a phishing web site - good job folks!

    On a final note; as far as i can tell, a link on the site points in the direction that the marketbay.com affiliate marketing site is involved. I've sent them an email, but I'm still awaiting a reply.
  • halfer
    halfer Posts: 38 Forumite
    Bah, at least you lot are getting replies! Not a sausage back from play.com from me :mad:

    I'll give 'em to Wednesday, and then will start blogging about it. More coverage the better.
  • halfer
    halfer Posts: 38 Forumite
    I've emailed ExactTarget, the marketer whose servers were used; will notify here if I get any juicy info from them. (Did anyone get this spam from a sender other than ExactTarget, out of interest?)
  • halfer
    halfer Posts: 38 Forumite
    You gotta love social media. Quick, play.com, do something! :) Your reputation is dissolving.

    twitter.com/search?q=play.com%20spam
  • aerostar
    aerostar Posts: 1,736 Forumite
    Name Dropper Combo Breaker First Post First Anniversary
    I monitor some friends e-mails for Spam etc, and have seen this 4 times, one to my own unique play.com address, I bounced all the e-mails back to the sender.
  • Ghost
    Ghost Posts: 313 Forumite
    I recived this spam email yesterday too. It's not an address that I exclusively use for Play but it is an address that I use exclusively for online shopping and is (up to now) 100% spam free. I can only conclude that this breach is the fault of Play as so many other members can prove it's them.
    "He who asks questions cannot avoid the answers"
  • littlerat
    littlerat Posts: 1,792 Forumite
    First Post First Anniversary Combo Breaker
    I had the email today. But I use the same email for most things, so could've gotten it from any of the comps I've entered etc.

    There's a topic here: http://www.gsn.com/forums/showthread.php?t=891&page=2&

    It seems GSN is a legitimate company, but this email isn't obviously. Also plenty there haven't used play.. so who knows.
  • Miss_Qwerty
    Miss_Qwerty Posts: 664 Forumite
    I can confirm it isn't a Dictionary @ Domain search, I received one of these to the email address that I use at work (myname)@(specific company name).

    This is the email address I had given to Play (And I don't use for comps or anything), but luckily I hadn't purchased anything since 2009 so my card details have expired.
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 343.2K Banking & Borrowing
  • 250.1K Reduce Debt & Boost Income
  • 449.7K Spending & Discounts
  • 235.3K Work, Benefits & Business
  • 608K Mortgages, Homes & Bills
  • 173.1K Life & Family
  • 247.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 15.9K Discuss & Feedback
  • 15.1K Coronavirus Support Boards