Amazon phishing
-
George the original one
- Posts: 5406
- Joined: Wed Jul 28, 2010 3:28 am
- Location: Wettest corner of Orygun
Amazon phishing
Latest Amazon scam is a quite convincing "payment rejected" email asking you to update your payment method. Giveaway that it's a phishing attempt is lack of a To: field because it was delivered to you via the Bcc: field as a mass mailing. Links in the email all go to scam websites that will harvest your payment info.
-
jacob
- Site Admin
- Posts: 15994
- Joined: Fri Jun 28, 2013 8:38 pm
- Location: USA, Zone 5b, Koppen Dfa, Elev. 620ft, Walkscore 77
- Contact:
Re: Amazon phishing
I don't click on company/any emails at all anymore. Instead I'll log onto the site directly and get the notification (if any) there. This up to the point where I won't copy and paste the URL but look up what the actual URL should be from either wiki or the top google result.
For suspicious/unusual emails, it's also worthwhile to look at the full header---scammers can manipulate a lot of the fields but they can't change everything because the email has to come from somewhere.
For suspicious/unusual emails, it's also worthwhile to look at the full header---scammers can manipulate a lot of the fields but they can't change everything because the email has to come from somewhere.
Re: Amazon phishing
Thanks for the warning. I follow Jacob's procedure, aside from newly created accounts where the site wants you to click here to verify email/account. After that I never click on links in email. It's sufficiently poisoned that I even have malicious stuff from hijacked friend emails.
-
IlliniDave
- Posts: 3876
- Joined: Wed Apr 02, 2014 7:46 pm
Re: Amazon phishing
In general if it has to do directly with payments and accounts I'll navigate independently to the site and log in. If it's something benign like "link to your monthly utility bill below" I might follow it if the url really goes to the utility company. Happily, almost all of my bill reminder emails now include the amount due in the email itself, so I don't need to check unless something looks amiss. Very few fraudulent emails get through my email domain's spam filter, but I still stay on my toes (we get a lot of this type of "training" at work).
What's worrisome to me is that my dad is increasingly susceptible to fall into one of these scams, and his somewhat gullible circle of email corresponders are often nodes for stuff reaching him. At least for now if something sets off his BS detector but not strongly enough he immediately discards it, he contacts me for a second opinion.
What's worrisome to me is that my dad is increasingly susceptible to fall into one of these scams, and his somewhat gullible circle of email corresponders are often nodes for stuff reaching him. At least for now if something sets off his BS detector but not strongly enough he immediately discards it, he contacts me for a second opinion.
Re: Amazon phishing
It’s amazing how good these things are getting. I get ones from credit card companies I don’t use and they look like legit logos and artwork. I had a capital 1 scam email lately that even put legitimate links to the capital 1 website up top to establish faith...but the critical link at the bottom to “log in” and clear up my apparent fraudulent charge was definitely a phishing trap.
A lot has passed since guys warned me about the scripts in the university computer center that would prompt for logins then automatically log you in while recording your credentials. Same dumb trick. “>Welcome to Ethernet”
A lot has passed since guys warned me about the scripts in the university computer center that would prompt for logins then automatically log you in while recording your credentials. Same dumb trick. “>Welcome to Ethernet”
-
Jason
Re: Amazon phishing
Soon they'll be suing Amazon for stealing their idea once Jeff Bezos creates his own Amazon phishing company.