There has been a marked increase in the number of phishing e-mails that are disguised as e-mails from Amazon. The screenshot below gives one such example:
There are several tell tale signs that this e-mail is not genuine:
1) It is from amazon.com as opposed to amazon.co.uk (which on its own is not enough to tell as you may shop at amazon.com)
2) The price is quoted in $ as opposed to £
3) The subtotal, total and grand totals do not add up
4) Moving the mouse over any link reveals that clicking on it will not take you to Amazon:
There are a number of such e-mails in circulation just now and if you were to click on the link, one of two things will happen; either you would be taken to a web site that would attempt to download a piece of malware to your PC / laptop or you will be taken to a web site that looks like a genuine Amazon site that will ask you for your username and password. Once you have entered your username and password, the rogue site will collect your username and password and then divert you to the real Amazon site, so you will think that all is well but you have just given the bad guys your Amazon login details!
It is good practice to always hover your mouse cursor over a link and let your system reveal the actual destination before clicking on a link and if you are at all suspicious, do not click on it.
Interesting article you have here. I use a programme called MailWasher to filter my e-mails. This allows you to see what e-mails you have received, without actually downloading them. I got it when dial-up was all the rage because you could delete all the spam before wasting money on downloading it.
However, I still use it because it has an interesting "side effect". If someone sends an e-mail, you can preview it in a separate window, just like Outlook. MailWasher, though, actually shows you the full link attached to the description in the message. So if Amazon sent me a message, the hyperlink would appear as normal, but in a lighter colour and in brackets, the actual link attached to the hyperlink is shown. So if I have any doubts, or simply want a giggle, I can look at the actual hyperlink, rather than the one any potential fraudster wants me to see. It is very useful for the few occasions when I am not sure (although having worked in retail banking when the infamous "Nigerian fraud" scams started, I tend not to believe most of the e-mails sent by financial institutions or the like). I think this facility alone is worth the few pounds annual renewal fee that I pay.
But I have to confess that I am still amazed that people think their banks can't spell or somehow have forgotten their names, and respond to such messages. And a quick phone call is all it takes in most cases to check the validity or otherwise of any message sent.
Jaiden
Posted by: KPO | August 09, 2010 at 10:18 AM