Don't Fall for Scamazon.Com

Considering the sophistication of the scam e-mails that I've been receiving lately, there must be a huge black market in phishing, the practice of tricking people into revealing their passwords from ecommerce sites and banks.

A phony Amazon.Com e-mail I received last night is pretty convincing:

Dear Amazon member,

Due to concerns we have for the safety and integrity of the Amazon community we have issued this warning.

Per the User Agreement, Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us.

Please follow the link below:

[link removed]

and update your account information.

We apreciate your support and understanding, as we work together to keep Amazon market a safe place to trade.

Thank you for your attention on this serious matter.

Regards,
Amazon Safety Department

NOTE: This message was sent to you by an automated e-mail system. Please don't reply to it. Amazon treats your personal information with the utmost care, and our Privacy Policy is designed to protect you and your information.

The link had the Chinese hostname www.amazon.com.encrypted-inquiry.cn, which resolves to an IP address in Germany. Yesterday, a net abuse monitor reported on Usenet that it had a different IP address in Thailand. The site looks exactly like Amazon.Com and asks for your username, password and credit card information.

Never respond to an e-mail asking for your account or credit card information, no matter how official it looks. These are always scams, run professionally by criminals who will rapidly hit your accounts for everything they can get and are unlikely to ever be caught. Most operate outside the U.S., as this globe-trotting Chinese/German/Thai effort demonstrates.

Considering the importance of ecommerce, browser users need more help detecting these scams. I could tell that the host encrypted-inquiry.cn was suspicious because I am a domain name geek, and Amazon.Com would never use a host in China for American customers. A Microsoft program manager was not so lucky, falling for a similar e-mail because he had just ordered from Amazon.

The server monitoring company Netcraft offers a free Internet Explorer and Mozilla Firefox toolbar that warns users of known phishing sites, providing hosting information about each site you visit. When I installed it this morning, it already had the Amazon scam attempt in its database, alerting me not to visit before I loaded the page.

The toolbar displays detailed information about each site, revealing where it's hosted, what company controls the IP address, and how long it has been online. Toolbar links open detailed reports on each site.

Comments

Note that Amazon, EBay, etc, will always use your name or username. They'll never simply say "Dear Amazon member". So if they don't know who you are, don't trust that you know who they are.

Why not put in false information? That way it forces these phishers to work their way through these incorrect entries, and not just enjoy 100% complete accurate information.

If a large number of people did this, then finding a correct username/password/credit card number in a database becomes as frustrating as finding a non-spam email in a spam folder.

False sites should really have false information :-)

These folks took the time to validate credit card numbers. Providing false information requires the ability to generate believably false numbers.

Google's Gmail uses spam filters that actually detect possible phish attempts. If you get one (usually delivered to your spam folder by default), they add a big red or yellow banner at the top warning you that the mail may not be who it says it's from.

They even strip out the links they want you to click on to provide your information.

Very sweet, and free, too.

Another way to tell that this is a spam message is that "appreciate" is spelled with only one P.

[URL=http://public-sex.bezbana.com]public sex[/URL] [URL=http://real-sex.bezbana.com]real sex[/URL] free nude

hot nude male model

The site is excellent with all the stotras categorised.
billig-reisen.rejco.org http: http://reise-flug.rejco.org
Thanks very much.

The site is excellent with all the stotras categorised.
billig-reisen.rejco.org http: http://reise-flug.rejco.org
Thanks very much.

Thanks a lot for the wonderful and very useful work .
mantel-cell-lymphoma.myrelive.org http:

Hello, very nice site! Please also visit my homepages:

Adult movie
http://www.clearadultmovie.info
Thanks!

I got a similar message. The way I could tell was that I tried to search for a book in the booksearch tool bar of the fake Amazon site it lead to. It lead to a 414 "could not be found" message.

One way to prevent going to a "fake ebay site" is to use an eBay Icon by Iconomize.com. They have designed a variety of Shortcut Icons for Amazon and eBay that automatically install to your desktop.

If you use the icon you know for sure that you are going to eBay or Amazon BEFORE you enter your login info.

Check out the site below.

eBay and Amazon Icons by Iconomize.com

Add a Comment

All comments are moderated before publication. These HTML tags are permitted: <p>, <b>, <i>, <a>, and <blockquote>. This site is protected by reCAPTCHA (for which the Google Privacy Policy and Terms of Service apply).