Last Updated: 2014-10-11 13:32:40 UTC
by Rick Wanner (Version: 1)
With all the high profile breaches pretty much every one of us has received a breach notification email in the recent past. But how many of you could tell if it was legitimate?
Take this email from Target from early in 2014.
With all the Target Phishing campaigns going around at the time many people questioned the legitimacy of this email. At first glance it looks pretty legitimate.
With all the garbage email we receive most of us have been diliigent that at a minimum we check two things:
- links in the email point to where the link says it points and that where the link points looks legitimate,
- sender address, and reply-to, address does not look spoofed
In this case there is only one link in the email and it points to creditmonitoring.target.com, which is a page in the target.com website. What made people question the legitimacy was the from email address. It was sent from TargetNews@target.bfio.com. Clearly not a Target domain.
It turns out this email is legitimate. bfi0.com is a part of Epsilon Interactive a marketing service that Target uses for customer marketing. If you check Targets FAQ page it says:
A: To make sure you continue to receive Target emails in your personal inbox (not bulk or junk folders), please take a moment to add Target.com [TargetNews@Target.
Subject: Important Request from Fisher-Price Online Store
To ensure you receive our Fisher-Price e-mails in your inbox (not bulk or junk folders), please add
Dear Valued Customer,
In order to improve your Fisher-Price Online Store website experience, we have transitioned to a different technology platform. As part of the transition, existing password information has been removed from your account. Before you can login to your account on the new site, you will need to reset your password using the "Forgot Password?" link.
As an added measure of security during the transition, all payment information was also removed from your account. After logging in, please feel free to re-enter that information for fast and easy checkout.
Thank you for your immediate attention to this matter and your continued interest in Fisher-Price Online Store. We look forward to serving you soon!
Fisher-Price Online Store Customer Service
Please note that this does not affect your password for Fisher-Price.com. No changes are needed for your Fisher-Price.com account.
Questions? Please contact Customer Service at 1-800-747-8697.
US postal mail address: Mattel Direct, Inc., Attn: Customer Service, PO Box 620978, Middleton, WI 53562-0978
Fisher-Price Privacy Statement | Legal Terms and Conditions
©2014 Mattel, Inc. All Rights Reserved
-- Rick Wanner - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)
Last Updated: 2014-10-10 09:18:30 UTC
by Basil Alawi S.Taher (Version: 1)
Microsoft have announced the heads-up for this month security patches. With nine bulletins three are rated as critical, one as moderate and five as important.