CA Security Advisor Research
Blog
 Visiting Sears.com (and Kmart.com) a few weeks ago, I was offered a chance to join My SHC Community, for free, but what I received was, from a
privacy perspective, very costly. Sears.com is distributing spyware that tracks all your Internet usage - including banking logins, email, and all
other forms of Internet usage - all in the name of "community participation." Every website visitor that joins the Sears community installs software
that acts as a proxy to every web transaction made on the compromised computer. In other words, if you have installed Sears software ("the
proxy") on your system, all data transmitted to and from your system will be intercepted. This extreme level of user tracking is done with little and
inconspicuous notice about the true nature of the software. In fact, while registering to join the "community," very little mention is made of
software or tracking. Furthermore, after the software is installed, there is no indication on the desktop that the proxy exists on the system, so
users are tracked silently. An interesting note, the spyware Sears distributes is "genetically" related to software CA Anti-Spyware has detected
for a few years by the name of MarketScore (and other aliases) and distributed by other websites.
A very surprising turn of events from a major retailer.
|
well, maybe they just aren't making enough money, being overshadowed by places like lowes, Menard's, target, and wal*mart. so now they start a full
scale viral and economic conspiracy. seriously, They are like a small diner in the middle of nowhere trying to compete with Bob Evans and Starbucks.
now, they hire hackers to plant spyware to hack bank accounts and make them rich!!! all of the sudden, boom, new stores, renovations and lower prices
and higher wages.
|
Just found this in Reuters business.
Sears accused of violating consumer
fraud law
But in a statement e-mailed to Reuters on Friday, when a consumer blog featured an entry raising concerns about the Sears site, the retailer said
it had "turned off the ability to view a customer's purchase history on Manage My Home until we can implement a validation process that will
restrict access by unauthorized third parties."
The complaint, which seeks class-action status and millions in damages, said the data available at the Manage My Home site could be used to commit
fraud and obtain even more sensitive customer data such as social security numbers.
"There's so many scary situations where people could easily trick you into getting more personal information or gain access to your home for
improper purposes," said Jay Edelson, partner at KamberEdelson LLC, which filed the lawsuit.
|
