|
|
|
|
Consumer Education Series Against
Online
Thievery!
Whether it is Phishing, Scams,
Email Fakes,
Identity Theft, Online Privacy Issues, Spam & More - We teach
you how to spot these criminals a mile off... and how to report them to
the authorities. |
TIPS
COLUMN:
Even inside the message source, you can take care to NOTICE the spelling error & the purposefully attention-grabbing subject line and that these liars are using
an official-sounding Amazon email address to make themselves look more
real and official to you, the
unsuspecting user!
|
This is how the email looks when it comes in your inbox.
| It's also very
typical for these criminals to use the "THREAT method" to try to scare
you into clicking the link out of fear of losing your account or
whatever they choose to use to threaten you. DON'T FALL FOR IT
- It's just part of their lies to get you to
click. |
Notice
the misspelling of Department
=> just another clue.. anyone running a
major company knows how to use spellcheck.
|
|
Welcome
to another in Donna Maher's consumer
protection series to help you stop getting victimized
by the
miscreants online who want to steal your private information &
make
your life miserable (and also make you a lot poorer whenever they get a
chance). We show
you various emails
from
these criminals to help
you spot them and make intelligent choices
about what to do and how
to avoid these scams and invasions of your
privacy. This time, the phisher (pronounced 'fisher') is pretending to be Amazon.com
so they can steal your banking and credit card information.
The Amazon
Phisher Email Tutorial & Helpful Tips:
First, we'll explore the message source
(there will be yellow tables with notes, and bolded red or bolded black
fonts that aren't found in a regular source, but it's a good place to
put your tutorial information - where it relates to the item) and I'll
be changing my real
email to someone@site.com to protect myself from further spamola so
that's the only part that isn't accurate, OK? I also broke
their URLS in two because I don't want you to accidentally click them
and go to this jerk's phishing site unaware! CLICK TO See the
phishing email as it would appear in your inbox.
Return-path:
<efax@mail.rwcapitalestates.com> <=Notice
this email
did NOT originate from Amazon!] [This part of the mail is
called the 'message source' and can be found in various ways depending
on which email client you use.]
Envelope-to: someone@site.com
Delivery-date: Mon, 13 Feb 2006 22:29:48 -0500
Received: from someone by servers.com with local-bsmtp (Exim
4.60 (FreeBSD))
(envelope-from
<efax@mail.rwcapitalestates.com>)
id 1F8qst-000Kqo-Ft
for someone@site.com; Mon, 13 Feb 2006
22:29:48 -0500
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13)
on servers.com
X-Spam-Level: ****
X-Spam-Status: No, score=4.5 required=5.0 tests=HTML_MESSAGE,
HTML_MIME_NO_HTML_TAG,HTML_TAG_EXIST_TBODY,MIME_HEADER_CTYPE_ONLY,
MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,URG_BIZ,URIBL_PH_SURBL
autolearn=no version=3.1.0
(Exim 4.60 (FreeBSD))
(envelope-from
<efax@mail.rwcapitalestates.com>)
id 1F8qst-000Kqe-18
for someone@site2.com; Mon, 13
Feb 2006 22:29:47 -0500
Received:
from adsl-63-204-12-121.dsl.snfc21.pacbell.net
([63.204.12.121]
| Unfortunately,
you can't always go check the "who is" to find out who this IP number
belongs to, because many of these criminals also can fake that
information. Hey, if you get smart enough, they can fake
everything and not hurt you if you NEVER click their links! |
helo=mail.rwcapitalestates.com)
by s21.plservers.com with esmtp (Exim
4.60 (FreeBSD))
(envelope-from
<efax@mail.rwcapitalestates.com>)
id 1F8qsu-000O8W-VL
for someone@site2.com; Mon, 13
Feb 2006 22:29:50 -0500
Received: by mail.rwcapitalestates.com (Postfix, from userid 1039)
id 37FB45CFC70; Mon, 13 Feb 2006
19:31:09 -0800 (PST)
To: someone@site2.com
Subject: Urgent Notice - Fraud
Detect!
From:
Departament of Amazon Security <security@Amazon.com>
Content-Type: text/html
Message-Id:
<20060214033109.37FB45CFC70@mail.rwcapitalestates.com>
Date: Mon, 13 Feb 2006 19:31:09 -0800 (PST)
X-Antivirus: avast! (VPS 0607-0, 02/13/2006), Inbound message
X-Antivirus-Status: Clean
<A
href="http://amazon.strangled.net/exec/obidos/flex-sign-in/002-2625330-0743215?
opt=af&response=tg/visa/marketing/-/sc/P///&ccc=1"><IMG
src="http://g-images.amazon.com/images/G/01/nav2/images/skins/teal/logo-on.gif"
border=0></A>
<TABLE cellSpacing=0 cellPadding=0 width=600
align=center border=0> <TBODY> <TR>
<TD colSpan=3><IMG height=2
src="pp.files/pixel.gif"
width=2></TD></TR></TBODY></TABLE>
<P><FONT
size=2><FONT
face=Verdana>Dear <STRONG><STRONG><SPAN
style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY:
Verdana">Amazon<SUP>®</SUP></SPAN></STRONG>
</STRONG>member</FONT>, <BR></FONT><BR></P>
<P><FONT face=Verdana size=2>It has come to
our attention that
your <SPAN style="FONT-SIZE: 10pt; COLOR: black;
FONT-FAMILY:
Verdana"><STRONG>Amazon<SUP>®</SUP></STRONG></SPAN>
order Information
records are <BR>out of date.That requires
you to update
the order Information If you
could <BR>please take
5-10 minutes out of your
online </FONT><FONT face=Verdana
size=2>
<FONT face=Verdana size=2>
experience and update <BR>your order
records, </FONT><FONT
face=Verdana size=2> you</FONT><FONT
face=Verdana size=2>
will not run into any future problems with
Amazon <BR>online service.
</FONT><FONT face=Verdana size=2>
<BR>
</FONT></P>
<P><FONT face=Verdana size=2>However,
failure to update your records will
result in account termination. <BR>Please
update your records in maximum 24
hours. </STRONG></FONT> <BR><BR>Once
you have updated
records, your <SPAN style="FONT-SIZE: 10pt; COLOR:
black;
FONT-FAMILY:
Verdana"><STRONG>Amazon<SUP>®</SUP></STRONG></SPAN>
session
will not be <BR>interrupted and will
continue as normal. </FONT></P>
<P><FONT face=Verdana size=2>To update your
<SPAN style="FONT-SIZE: 10pt;
COLOR: black; FONT-FAMILY:
Verdana"><STRONG>Amazon<SUP>®</SUP></STRONG></SPAN>
order Information click on thefollowing
link: <BR></FONT><A
href="http://210.188.228.251/pc/agreement/amazon_update.php<"target=_self><FONT
NOTICE
that you are not going to Amazon but someone's private server to be
"serviced" by their criminals to assist you in wiping out your entire
bank account!
Hover
your mouse over the link that allegedly goes to Amazon in the
"official looking email below" (click
here
to see it to "hover test" it or just scroll down) and
you'll see that it goes to this phisher site I've bolded above this
yellow area. |
face=Verdana
s
ize=2>http://www.amazon.com/gp/css/homepage.html/ref=cs_top_nav_ya</FONT></A></P>
<P><FONT face=Verdana
size=2></FONT> </P>
<P><FONT face=Verdana
size=2>Thank you for your time!
<BR><SPAN
style="FONT-SIZE: 10pt; COLOR: black;
FONT-FAMILY:
Verdana"><STRONG>Amazon<SUP>®
</SUP><SPAN style="FONT-SIZE:
10pt; COLOR: black; FONT-FAMILY: Verdana">Security
</SPAN></STRONG><SPAN
style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY:
Verdana"><STRONG>Departament</STRONG></SPAN></SPAN>
</FONT></P>
<P><FONT face=Verdana size=2><A
href="http://www.amazon.com/exec/obidos/tg/
visa/marketing/-/p/P/NO/ref=b1_login_pgraph_home/002-7929939-2558427"><IMG
src="http://puna.net.nz/archives/Technical/Ascii%20Table%20-%20ASCII%20
character%20codes%20and%20html,%20octal,%20hex%20and%20decimal%20
charts_files/ascii_files/104-1039252-6618302_files/gway_link2.gif"
border=0></A>
<TABLE cellSpacing=0 cellPadding=0 width=600
align=center border=0> <TBODY> <TR>
<TD colSpan=3><IMG height=2
src="pp.files/pixel.gif"
width=2></TD></TR></TBODY></TABLE>
<P><FONT
size=2><FONT face=Verdana>
|
BELOW is how
the PHISHER email would look if you opened it in your inbox (which I
certainly
did NOT) (Don't
click the fake Amazon link, just hover over it to see that all is NOT
what it appears in a phishing email - it never is! And when
you learn to recognize these emails for what they are, you defuse a
potentially dangerous to you situation.)
Dear Amazon® member,
It
has come to our attention that
your Amazon®
order Information records are
out of date.That requires you to update
the order Information If you could
please take
5-10 minutes out of your online
experience and update
your order records, you will not run into any future problems with
Amazon
online service.
However, failure to update
your records will
result in account termination.
Please update your records in maximum 24 hours.
Once you have updated
records, your Amazon®
session
will not be
interrupted
and will continue as normal.
To
update your Amazon®
order Information click on the
following link:
http://www.amazon.com/gp/css/homepage.html/ref=cs_top_nav_ya
Thank
you for your time!
Amazon®
Security
Departament
| Notice
that the email above
looks fairly "official" which is the whole aim of these criminals... is to
make you think the email is URGENT and authentic when in actuality, it is nothing
more than a cruel fake designed to steal your banking and credit card
information from you. LEARN TO SPOT THESE and hit delete
without ever opening them. It's the only way to stop these
miscreants is by not giving them the pleasure of ever opening their
evil garbage in the first place. |
|
|
|
Knowledge
is Power - we want to empower you so you won't become
another victim of online theft and suffer needlessly because you didn't
know any better!
Now you will definitely know better! We
help you learn how to spot those scammer emails at a glance and what to
do!
|
|
|
|
|
