Phishing in the Amazon
I received yet another phishing email today. In the past, most of the ones I've received have been trying to get me to sign into my PayPal account. Others, a bit more obvious phishing schemes, try to get me to log in to bank accounts. Fortunately, they're for banks where I hold no accounts.
Today's email (see below) appeared to originate from Amazon. It is well-written and, since I've recently bought several books from Amazon, it got my attention.

I was "this close" (fingers held nearly together) to clicking on the link when I thought, "Does this look phishy?" So I right-clicked on the link and pasted it into my browser address bar. Lo and behold, it looked like this (clearly not somewhere to go to do any business with Amazon):
http://mail.rihes.cmu.ac.th/help/en_US/.amazon/index.html
If you *do* go to the site, it looks very much like a real Amazon sign-in page.

Feeling a tad disturbed and expecting that this may be a new wave of phishing that Amazon might not be aware of, I put on my good net citizen hat and decided to attempt to report this to Amazon. Clearly they have a mechanism for such reporting. They seem to have thought of nearly every conceivable situation that a customer might encounter.
Sure enough, they have quite a bit of info on phishing and they even have a way to report various aspects of phishing. I chose that I wanted to "report a spoofed email" as one of their canned email subjects. I followed their instructions, providing the header as well as the body of the email and noting that the link that is shown in the email was really the link I wrote above.

Regrettably, after several attempts to send the email, all I got was the following error.

Being good blog fodder and hoping that this could perhaps prevent further abuses by those b*st*rds in the phishing community, I close this entry.
UPDATE: Comments have been closed due to irritating comment spam.
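The check described in the post (compare what a link displays with where it really goes), as an added example that is not part of the original post. The trusted-domain list, the function names and the sample HTML body are assumptions made for illustration; only the href is the URL quoted above.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains accepted as genuine for the brand; adjust for your own use.
TRUSTED = {"amazon": ("amazon.com", "amazon.co.uk")}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_is_trusted(host, brand):
    # Exact match or a true subdomain; "amazon.com.example.test" does not pass.
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED[brand])

def suspicious_links(html, brand="amazon"):
    """Links that mention the brand in text or URL but resolve to another host."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = urlsplit(href).hostname or ""
        mentions = brand in text.lower() or brand in href.lower()
        if mentions and not host_is_trusted(host, brand):
            findings.append({"shown": text, "href": href, "host": host})
    return findings

# Constructed sample body: visible link text is made up, href is the one from the post.
SAMPLE = """<p>Please confirm your account:
<a href="http://mail.rihes.cmu.ac.th/help/en_US/.amazon/index.html">https://www.amazon.com/</a></p>
<p><a href="https://www.amazon.com/">Amazon</a></p>"""

if __name__ == "__main__":
    for f in suspicious_links(SAMPLE):
        print(f"shown: {f['shown']!r} -> real host: {f['host']}")
```

The brand name sitting in the path (`/.amazon/`) is what makes the URL look plausible at a glance; only the host decides who you are talking to.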
Comments
I received a fake Amazon email today. I was immediately suspicious because I've hardly ever used Amazon, and it came in on an email address which gets a lot of phishing emails. But the email was in plain text, with links to amazon.co.uk so no obvious way for a scam to work. Then I realised it was probably aiming to get me to open the attachment.
I also tried to report this to Amazon, but unlike the banking systems I've reported to, Amazon doesn't let you forward an email to them. They ask you to fill in the text of the email into their web form. That's no use if you want to show Amazon an attachment.
Anyway. Here's the fake Amazon email text:
"
Dear customer!
We're writing to let you know that we've initiated a transfer from your
bank account (Last 4-digits: 0402) for the following amount:
GBP 313.14 (ORDER #0220873 , DATE #20.03.2006)
Funds should leave account in approximately three to five working days.
See your statement details in attachment."
(Luckily the last 4 digits are incorrect, otherwise I'd be a lot more worried!)
Posted by: Harry Wood | March 21, 2006 5:37 AM