So I received an email, supposedly from BestBuy.ca, an excerpt shown above, alerting me to the fact that my name and e-mail address have been exposed by “unauthorized entry” into their system. It’s not Best Buy’s system, but rather Epsilon’s, a company who sends out e-mail on Best Buy’s behalf.
Doing a little research and I find out that this is true and in fact Epsilon does provide this service and to over 2,000+ other companies as well.
This is news to me. I knew not who Epsilon was nor did I have any idea that a 3rd party was sending out Best Buy’s emails. Although I should have guessed that they weren’t doing it themselves.
The e-mail, signed by Best Buy Canada’s VP Marketing, Angela Scardillo, offers apologies and assures me they are investigating the matter and that no account information, password or personal information, including credit card numbers has been compromised. It’s reiterated as many emails do ad nauseum, that they would never ask to confirm personal or financial information in an email.
I’m further warned that I might receive a spam email from the hackers and that I should be cautious when opening links or attachments.
Not Taking Any Chances
Ok. Hold your horses! While there are no attachments, this email does have a few links. One is a link to Epsilon’s statement, a second to BestBuy.ca and another, an email link to customer care.
Really? Do you expect me to actually click on any of the links in this email? How do I know that this email isn’t a phishing scam? And even if I don’t give out my account number, how do I know that by clicking on this link, it won’t trigger a keystroke logger or attach some malicious code that will steal my password the next time I sign on for online banking?
Scanning the e-mail’s the source code, it appears to be originating from Best Buy’s servers, but at this point with “appearing” being the operative word, and despite my curiosity, it’s not worth the risk.
Well, there is a phone number. It’s unlikely that a manually executed analogue voice communication would subject me to an concealed Trojan. I guess I’ll call them in the morning to see if they actually did send the e-mail.
Be careful folks; Be very careful.
Greg Gazin is the Real Canadian Gadget Guy.
Follow me on Twitter @gadgetgreg.