I did the same. Then I notified the FBI. Never heard back from them, but I assume they collect this sort of thing for possible prosecution.
The fact that the link they gave out has BestBuy capitalized should be a good tipoff. No company would do this, intentionally. Spammers without a keen grasp of Internet standards would.
Got it too, didn’t fall for it. What was interesting was that the site linked in the email at hypermart.net or wherever had the BestBuy sidebar, and all of the links worked to real BestBuy pages. It was shockingly slick, and I imagine quite successful. So it will be done again and again and again. Just keep on being vigilant, I suppose.
An article about this scam appeared in my local paper.
And which they couldn’t possibly need, and can’t possibly confirm, unless they were to try it out themselves at a bank or in purchases or something.
It seems so obvious to me, yet I can imagine how some folks would think that a PIN is some sort of universal password like a SSN…