The Inquirer-Home

Sears "spies on customers"

Don't download the SHC Community
Fri Jan 04 2008, 09:49

INSECURITY outfit CA Security is warning punters not to join shopping giant Sears' SHC community.

If you visit Sears.com and Kmart.com you get the chance to join something called My SHC Community and to download some software to aid in 'community participation'.

CA claims that the software acts as a proxy to every web transaction made on the compromised computer. In short it is spyware that tracks all Internet usage, including banking logins, and email.

All data transmitted to and from a system is intercepted. The spyware has been identified as a variation of MarketScore which is spyware that is found by CA's products.

A compromised system will monitors and transmits a copy of all Internet traffic. It will monitors secure sessions which may include shopping or banking sites. For some reason it will records and transmit "the pace and style with which you enter information online and snuffle the header section of personal emails.

It has the ability to combine any data intercepted with credit information.

The data was not even being sent to Sears, but a domain called oss-content.securestudies.com with the IP address 209.247.230.166. The owner of this site is none other than comScore which is an internet marketing research outfit.

More here. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?