interesting-people message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [IP] more on Amazon Phishing scam - BEWARE!

  • From: David Farber <>
  • To:
  • Date: Sat, 03 Dec 2005 12:19:50 -0500

Begin forwarded message:

From: Bob Frankston <>
Date: December 3, 2005 11:48:54 AM EST
Subject: RE: [IP] Amazon Phishing scam - BEWARE!

Once again those phishers. I don't have much new to say but can tie
together a few aspects.

I wish those with the most to lose would put up a few billion dollars to
track the varmints down. Not that that is a real solution but it is a
social problem. I fear, though, that they will just go after the usual
suspects -- I wonder how many alpha phisher/spammers there are. Reducing
the problem might make it worse - at least now everyone is wary though not
to the point of not doing online transactions -- yet.

Since I do my own mail processing I've marked a number of accounts as
suspicious and will mark any message that doesn't have an appropriate
&quot;received from&quot; address as suspicious. I also flag messages with other
suspicious content such as a % in a URL address. Same for a whole list of
suspect attachment types.

This is something I can do because I do my own mail processing and my own
popfile handling. It's not necessarily an approach that can be done
generally because, for example, many senders seem to be utterly clueless
and do things like sending mail from internal sites not listed in the DNS
or from third party mail providers. There's technically nothing wrong with
that -- it's just a useful heuristic for me to use for critical sites. I
can't follow a path through &quot;received&quot; lines to establish a chain of trust
As I've mentioned in the past I'm surprised that third party mail sites
that might me &quot;xyzzyx.whatever&quot; mailers don't get subdomains from their

Note that I don't block the messages I just wrap them and say &quot;suspicious&quot;
but it's worked remarkably well.

What makes phishing so interesting is that it is really a confidence game
and preys upon our basic need to have simple trust heuristics. As with
other aspects identity theft the victim is blamed for being careless rather
than human. There's still insufficient recognition that these attacks are
indications of our failure to scale social mechanisms to the new landscape
and that we need to presume phishing will happen and deal with it rather
than putting the onus on the user to track down all of consequences.

For the credit card companies it's just a cost of doing business and
cheaper for them to choose to blame some users than to actually have to
take responsibility. I don&#x2019;t expect the current administration to be
capable of being an advocate for consumers but that's another topic.

I feel it's World War I again and the British generals assume that they can
get past those machine guns with another few thousand troops -- after
60,000 they did. Today we keep email logs and comedians seem to reflect
popular na&#xEF;vet&#xE9; and wonder why we don't just use profiling to solve our

-----Original Message----- From: David Farber [] Sent: Saturday, December 03, 2005 07:06 To: Subject: [IP] Amazon Phishing scam - BEWARE! Importance: High

Begin forwarded message:

From: John Nigro <>
Date: December 2, 2005 3:38:35 PM EST
Subject: Amazon Phishing scam - BEWARE!

Dave &#x2013;

Please post (and edit if need be) if you deem worthy.

John Nigro


I just received an email to my hotmail account from payments- with the following text:

Greetings from Amazon Payments.

Your bank has contacted us regarding some attempts of charges from
your credit card via the Amazon system. We have reasons to believe
that you changed your registration information or that someone else
has unauthorized access to your Amazon account Due to recent
activity, including possible unauthorized listings placed on your
account, we will require a second confirmation of your identity with
us in order to allow us to investigate this matter further. Your
account is not suspended, but if in 48 hours after you receive this
message your account is not confirmed we reserve the right to suspend
your Amazon registration. If you received this notice and you are not
the authorized account holder, please be aware that it is in
violation of Amazon policy to represent oneself as another Amazon
user. Such action may also be in violation of local, national, and/or
international law. Amazon is committed to assist law enforcement with
any inquires related to attempts to misappropriate personal
information with the intent to commit fraud or theft. Information
will be provided at the request of law enforcement agencies to ensure
that perpetrators are prosecuted to the full extent of the law.

To confirm your identity with us click here:


Here was a link that went to a very realistic page asking for me to
first sign in, then for my CC#, PIN#, address, etc. I almost started
to do so and then saw that the page was http:// and not https:// -
and was not secure.

THIS IS A PHISHING SCAM! &#x2013; DO NOT even sign in &#x2013; they will then have
your log-in info. I have already changed my Amazon password and
recommend you do too, even if you don&#x2019;t get one of these.

You are subscribed as
To manage your subscription, go to

Archives at: people/

You are subscribed as
To manage your subscription, go to

Archives at:

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Search: Match: Sort by:
Words: | Help


Powered by eList eXpress LLC