[IP] more on Amazon Phishing scam - BEWARE!
Begin forwarded message:
From: Dennis Allison <allison@xxxxxxxxxxxxxxxxxxx>
Date: December 3, 2005 3:50:05 PM EST
To: David Farber <dave@xxxxxxxxxx>
Subject: Re: [IP] more on Amazon Phishing scam - BEWARE!
For IP if you wish...
I get 4 or 5 variations of the Aamazon phishing scam a day and almost
always send them off to stop-phishing@xxxxxxxxxxx As a user, even
today,of an ascii mail reader, the phishing hacks are usually obvious
and
in my face.
I have yet to receive any information from Amazon, eBay, or anyone else
about what action they have taken on reported phishing expeditions.
For a
period of a year and a half, I sent every Nigerian scam letter I
received
(2 to 6 per day) on to the Secret Service per their request only to find
that they were dumping everything into a bit budket because the
volume was
too high and they lacked the staff to persue it. In a couple of
instances
where I was concerned enough about the phish to contact the targeted
institution directly, the "security" folks would give out no information
citing "privacy" concerns. My guess is that most phishing mails are not
persued and the ISPs hosting the data gathering pages continue to
operate,
business as usual.
On Sat, 3 Dec 2005, David Farber wrote:
Begin forwarded message:
From: "Mike O'Dell" <mo@xxxxxxx>
Date: December 3, 2005 12:53:16 PM EST
To: dave@xxxxxxxxxx
Subject: Re: [IP] more on Amazon Phishing scam - BEWARE!
i have adopted a Neo-Luddite approach to all this:
I believe *nothing* of a commercial nature i get in email
that i cannot vouchsafe with external knowledge.
even then *I* always initiate contact through
known channels, rather than accepting a channel
offered to me.
Sure it's less convenient, but much less annoying than the
consequences.
Fer Instance:
I don't believe anything I get about eBay or Amazon
because I know they don't use email notifications
precisely because of this. and i know enough about
my accounts that i wouldn't believe it even if they did.
if i was concerned, i'd enter the site through a
known-good DNS name, do a bit of checking around,
and then login to my account.
(The status line at the bottom of your browser
can tell you a LOT about whether a link is bogus.
Firefox even complains if it fails "obviousness" checks.)
in short, when someone sends you a "shortcut" in an email,
*ASSUME* it's the Big Bad Wolf providing it *REGARDLESS*
of who sent the email (either apparently or in fact).
-mo
"Just click here to <urk!>"
David Farber wrote:
Begin forwarded message:
From: Bob Frankston <Bob2-19-0501@xxxxxxxxxxxxxxxxxx>
Date: December 3, 2005 11:48:54 AM EST
To: dave@xxxxxxxxxx, ip@xxxxxxxxxxxxxx
Subject: RE: [IP] Amazon Phishing scam - BEWARE!
Once again those phishers. I don't have much new to say but can tie
together a few aspects.
-------------------------------------
You are subscribed as allison@xxxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-
people/
--
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/