Saturday, October 6, 2012

BestBuyWin Scam from China

Numerous people have reported receiving a text message stating that they'd won a free gift card from Best Buy and they are given a link to visit, enter their code and claim their prize.


The site is Bestbuywin.net and is registered anonymously through WhoisGuard. The site has dedicated servers based in the United States, but that doesn't tell us where this scam originates. Another weblink being circulated is bestbuyprizes.net and that site is registered in India but run by the same people, with servers based in the USA and United Kingdom. A better clue comes from a small text at the bottom of the pages where the link for Bestbuywin.com is given. That website is registered in China and the site is owned by Beijing Innovative Linkage Technology Ltd. The owners have no reason to hide their China address, since there is nothing that an America-based company like BestBuy could do to stop their spamming practices. This company is accused of disregarding US law and for dishonest business dealings.

Another rewardhubzone website being circulated via text spam is BestBuyRaffle.com and it is also registered anonymously, though its servers are located in the United States. The servers belong to mygt.org and another Best Buy-related scam website hosted on the same servers is bestbuycontest.com which looks exactly the same as BestBuyWin.net, bestbuyprizes.net and BestBuyRaffle.com so they're obviously created by the same people. It would make sense to have multiple domains, due to the possibility (however remote) that one or two may get shutdown and it's a good way to keep their sites from crashing due to too much traffic or a possible DDOS or DOS attack from pissed-off textspam recipients.

The email address given for the registered owner of BestBuyPrizes is also associated with these domains:

1.  bestbuycash.net
2.  bestbuyprizes.net
3.  cell-prizes.com
4.  cellprized.com
5.  hiddenautoprices.com
6.  luckycellprize.com
7.  obeytrack.com
8.  receivecellaward.com
9.  smsaprize.com
10.  txttheprize.com
11.  win2cell.com
12.  wincellaward.com

The email address given for the registered owner of BestBuyWin.com is associated with at least 25 other domains, including:

1.  1hrpayadvance.com
2.  1hrpayloan.com
3.  aoopodkc.com
4.  be-her-star.com
5.  dnsmeet.com
6.  doctorgreat.com
7.  dokkeryb.com
8.  gifthubdirect.com
9.  giftrewardsdirect.com
10.  gopayadvance.com
11.  hotgirlss.com
12.  http-security.com
13.  kusalozus.com
14.  loveedating.com
15.  myonline-security.com
16.  myweb-security.com
17.  plitimaster.com
18.  pojodaworld.com
19.  prizehubdirect.com
20.  promocenterdaily.net
21.  skotchiki.com
22.  super-crap-dns.com
23.  theweb-security.com
24.  wow-gameclan.com
25.  www-security24.com

Entering a code (actually, any four numbers will do) takes you to a Rewardhubzone.com webpage  and a WhoIs search reveals the website to have also been registered anonymously with WhoisGuard, but the servers are based in Hong Kong, China.

At the bottom of the Rewardhubzone webpage, a link is given for you to unsubscribe your email address from future mailings. A postal address is also given, supposedly for the purposes of contacting them by postal mail, but that address is often associated with other scams.

In short: this whole "offer" is a scam intended to confirm your cellphone number as being valid, to get your email address so they can send spam and to get whatever personal information about you that they can.

I forwarded the Bestbuywin.net address to the report center at Best Buy, but I don't think they can do anything about it, since the scam is based in China.

Duane Browning


1 comment:

Anonymous said...

bbcontest.net is also being used for this.