Sponsored by..

Thursday 19 July 2007

Wheredidyoubuythat.com spam

Online gift shop Wheredidyoubuythat.com had its email database compromised a little while ago. I'm currently getting a spate of fraudulent emails sent to an address only used for Wheredidyoubuythat.com and nothing else. Although I don't believe that they are responsible for the fraudulent spam, equally as well they never responded to my report that they had a security breach. Approach that particular merchant with care.

The fraudsters are currently sending out UK-targetted spam to the addresses which indicates that they know full well where the harvested email addresses come from.

To: ***********
From: LloydsTSB Online Banking
Subject: Account Update

Dear Customer

Lloydstsb Bank has been receiving complaints from our customers for unauthorised use of the Lloydstsb Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.

Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start .

However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

Thanks for your co-operation.

Fraud Prevention Unit
Legal Advisor
Lloydstsb Online Banking


Unknown said...

Dear Conrad

My name is Karine Kong, Director from www.wheredidyoubuythat.com
First of all, please accept our sincere apologies for the inconvenience you are experiencing.
Unfortunately we have never received your email mentionning this spam issue, otherwise we would have responded to you within 48 hours. However, now we are aware of it, our technical team is looking into this to see how & why this is happening.
I would like to reassure you that for security reasons, our database does not hold customers card details so even if some malicious virus have broken into our database, there is little they could do except annoying our customers with spam emails. I shall let you know how this is resolved as soon as possible. In the meantime, do not hesitate to contact me if you have any queries.
Kind regards


Conrad Longmore said...

Cool :) At least that got a response, although I was disappointed to find that your company didn't respond to a direct (and private report)

Unknown said...

Maybe your email when into the SPAM box...