Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: MS Threat Research & Response Blog

26 May 2010   #1

Win 7 Ultimate 64-bit. SP1.
MS Threat Research & Response Blog

Letís Celebrate Best Buy's 20th Anniversary

Last week, I was checking my Facebook account and noticed I had an Event Invitation from a fellow security researcher. Very intriguing. This friend is a world traveler and doesnít currently reside in the United States, but the Event Invitation was for a Free $1000 "Best Buy gift card to celebrate Best Buyís 20th Anniversary".

Alarm bells started ringing and I knew it had to be a scam. But letís take a look...

There was no reason I could think of why they would use a ******* URL unless they didnít want people to notice right away that it wasnít a Best Buy site. This way, people are forced to click through. (There are good reasons for using *******. For example, a medium such as Twitter restricts the size of your entry. Or you have a legitimate need to obfuscate the URL.)

The first thing I noticed was:

" is not affiliated with Best Buyģ, Inc."

ALL of the links on this page return you to this page, except for the Gift Status link that requires a login, a login that you would create if you followed the process through to that point. Thus, there is no Privacy Policy nor any other information available. But if you enter a ZIP code, you will be transported toÖ

All the links here react similarly as the previous page (see tabs; returns or requires login). But look at all the information they want. Those are many data items that qualify as Personally Identifiable Information (PII) for which a Privacy Policy is required because there are legal ramifications for their inadvertent dispersal. (I hesitate to call them legal protections as all we get is notification.)
Source -
Let’s Celebrate Best Buy's 20th Anniversary - Microsoft Malware Protection Center - Site Home - TechNet Blogs

My System SpecsSystem Spec

26 May 2010   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Excellent post!

There was an Event on Facebook. Friends are giving up their friends' personal data by RSVPing to the offer. Almost 10,000 people gave this company all their Facebook info about themselves and their friends. This company has possibly accumulated over one-third of a million email addresses for its future spam campaigns, or perhaps it plans to sell the list to other spammers. Such a list is worth more than a couple thousand dollars. Pretty good returns for the creation of a Facebook Event.
My System SpecsSystem Spec

 MS Threat Research & Response Blog

Thread Tools

Similar help and support threads for2: MS Threat Research & Response Blog
Thread Forum
Solved SSD Research help Hardware & Devices
Win 7 research General Discussion
Permission Research virus System Security
From Microsoft Research - New 3D NUI Experience: News
RESEARCH: Mac features you'd like to see in Windows? Chillout Room
Songsmith, by Microsoft Research. Software

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:46 AM.
Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33