Amazon Phishing Email

[Bugsy]

Below is a phishing email I've just received from Amazon. I very nearly opened it as we do order from them.

I've * a few numbers to render it dead.

Stay alert people...................

From: "order-update@ama*zon.com" <order-update@a*mazon.com>

Date: Thu, 4 Mar 2010 07:59:50 +0400 (UTC)

To: <***********l@wana*oo.fr>

Subject: Amazon.com - Your Confirmation (867-4525087-1036391)

 Dear Customer,

Your order has been successfully confirmed. For your reference, here`s a summary of your order:

You just confirmed order #637-868009-63576

Status: CONFIRMED

_____________________________________________________________________

ORDER INFORMATION <http://62.146.***.69/~wanet000/us.htm l>

Sold by: Amazon.com, LLC

_____________________________________________________________________

Because you only pay for items when we ship them to you, you won`t be charged for any items that you cancel.

Thank you for visiting Amazon.com!

---------------------------------------------------------------------

Amazon.com

Earth`s Biggest Selection

http://www.a*azon.com

---------------------------------------------------------------------

 

-

[DerekJ]

Thanks for the warning I order quite regularly from Amazon so I'll be extra wary in future.

I guess the giveaway is the "Dear Customer".  I went back and checked my Order Confirmations from them and they are addressed to me personally.

[Quillan]

I have had a few of these and some from Ebay saying my goods were on the way. Another one from Amazon is about you having credit in your sellers account (thats if you sell second hand books etc)and they want your bank details to send you the money. Strangely I have never sold anything on Amazon. The 'golden rule' is as Derek says, if its not got your name IN it (as opposed to Dear Customer) then bin it.

[Judith]

I've just checked my last Amazon order (UK) - it does start Dear Customer, so that is not a dead cert for a problem, however, it does then go on to say that my order will be delivered to ... name and address as given when ordering... etc.

As I recall, without checking, the Amazon confirmation email comes within seconds of ordering, and gives all the details, cost, delviery dates, and a link to check your progress.  This one gave none of that.

But as you say, if you hadn't ordered much, you may not know all of what I've just typed, so best to be aware.

[DerekJ]

As Judith says, the confirmation of order is always within seconds of placing the order. I've gone back in and checked mine and all of them are addressed to me, personally. These come from their auto-confirm email address.

However, their confirmation that the order has shipped is addressed to "Dear Customer" but has name and ship to address plus details of the order, so is personalised in that respect. That email comes from their auto-shipping email address.

btw, these comments are based on my orders from Amazon UK... not France.

[Chancer]

Bugsy, you say that you nearly opened it but surely you must have done so to have read the content, no?

Does opening one of these mails put you in any danger?

It doesnt seem to be asking you to click on any links, verify password or give bank details so what makes you think it is phishing other than perhaps not having ordered from them at that time?

I would have opened it so would like to know more about the risks of doing so.

Thanks

[Suandpete]

I received one almost exactly the same - the part after: order information in the middle of the email is actually a link and I guess whoever sent it expects you to click on that link.

I have also had about 5 dodgy emails today allegedly from paypal - I get them quite regularly but not normally this many.

[Quillan]

Chancer, I think he means that he read the content via the viewing pane but did not click on the link. The link will probably take you to a false login and ask for some details etc or alternatively download something nasty on to your computer.

Mailwasher allows you to view emails on the server and delete them or mark them as spam for deletion and 'bounce'. Very handy if you prefer to download them in to Outlook or Outlook Express. It will always show the actual URL of the link and you can see that its on a strangely named server somewhere and if it will run a script or just open a page. I use it as Orange does have problems at times telling the difference between SPAM and a real email so I disabled it and use Mailwasher instead. At least I can have a quick look before it deletes it.

[Bugsy]

[quote user="Quillan"]

Chancer, I think he means that he read the content via the viewing pane but did not click on the link. The link will probably take you to a false login and ask for some details etc or alternatively download something nasty on to your computer.

[/quote]

That is correct, sorry if I didn't make that clear.

.

[AnOther]

IP addresses 62.146.126.0 to 62.146.126.255 are registered to Poland.

There is an abuse link in the whois results page below, I suggest you use it [;-)]

http://whois.domaintools.com/62.146.126.69

[Cat]

Unless Bugsy has changed the link contained in the email, it leads to a website selling viagra and the like.

So not phishing as such, just advertising. 

Should still be reported though.

[Chancer]

So to be clear, one recieves an E-mail with "Your Amazon order" or similar in the subject header, one opens it (as I have several times) but does not click on any links etc, is there any danger?

I am using hotmail if it makes any difference.

Another question, can they tell that you have opened the E-mail which may lead to further spam?

Which leads to my final question, me ex once told me that important work E-mails she sent as accuseé de reception but I could not work out how she did this, can this be done, can we tell if a message we have sent has been recived or read? If this is the case can we also tell if E-mails we recieve are recorded delivery?

I realise that in the case of electonic mail delivered does not imply read.

[Quillan]

[quote user="Chancer"]

So to be clear, one recieves an E-mail with "Your Amazon order" or similar in the subject header, one opens it (as I have several times) but does not click on any links etc, is there any danger?

[/quote]

No not normally. However you can set Hotmail to have a 'Viewing Pane' to either the side or at the bottom of your Hotmail screen. This allows you to preview the email without actually opening it. To do this go to the Options on the far right at the top of the Hotmail screen and select More Options and a new screen will be displayed with all the options in Hotmail. The one you are looking for is under 'Customise your mail' and its called 'Reading pane settings', click on this and you can select 'Right', 'Bottom' or 'Off' (default). The other options below this are self explanatory. This is not the same as opening the email which is done by clicking on the email.

[quote user="Chancer"]

I am using hotmail if it makes any difference.

[/quote]

Not really.

[quote user="Chancer"]

Another question, can they tell that you have opened the E-mail which may lead to further spam?

[/quote]

It is possible depending on what software they use to send the email. Normally they take you off the list if their email 'bounces' which is where the server is unable to receive the email because the account does not exists so it sends an email back to the sender telling them the account does not exist. The point about using products like Mailwasher is that it can simulate a 'Bounce' so it appears that you don't exist. They also report the emails automatically to several of the commercial 'anti spam' databases so Mailwasher (and other programs) already know that an email is spam and process it automatically like bounce the email then delete it.

[quote user="Chancer"]

Which leads to my final question, me ex once told me that important work E-mails she sent as accuseé de reception but I could not work out how she did this, can this be done, can we tell if a message we have sent has been received or read? If this is the case can we also tell if E-mails we receive are recorded delivery?

I realise that in the case of electronic mail delivered does not imply read.

[/quote]

More sophisticated email programs like Outlook can tag an email you are sending to notify you when it arrives at the recipient or when the recipient opens it or both. Whilst notification that your email has arrived at the correct address is automatic the read option requires the recipients authority i.e. you get a box come up when you open the email to say something like "Fred Bloggs has requested a read receipt" followed by the option of Send or Cancel then its up to the recipient what he/she does. There is also 'plug in' software around that can do this automatically without the recipient knowing although the free versions tend to advertise themselves in the email but of course its already told the sender the email has been opened and the recipient can't stop it. As far as my Hotmail account is concerned I can't see any option to tell me if a person has either received or opened an email but then it is a very basic browser based email system. Be aware that Hotmail accounts are not secure, you can buy account names with passwords over the internet. Last time they discovered such a list was in October 2009, the list contained over 30,000 addresses with passwords (Google "Hotmail Accounts Hacked"). The Hotmails servers, along with other ones like Gmail etc have been hacked several times over the years and millions of email address's taken which is why commercial companies ban people from using them. An idication (but not proof positive) that your account has been hacked is if you receive a 'bounced' email back but you never sent it in the first place.

Hope that helps.

[Chancer]

Fascinating, thank you for taking the time Quillan.

I am only taking a tea break at the moment but when I have time I will follow your advice re viewing pane.

I like hotmail, I set it up when I travelled and have a good user name that still suits me, I also like not having had to change e-mail addresses when I have changed internet providers and countries.

[Quillan]

No problem.

If you travel with a laptop you may be interested to know that you can use Outlook and Outlook Express with Hotmail. The advantage of this is that your emails are downloaded on to your PC and stored there. If you have to use a 3G key, have limited WiFi access or use a modem you can download the emails, disconnect, answer the emails at your leisure, reconnect and send your answers when you have the time. You can also create emails at your leisure and send them when you want. You gain the added security of keeping all your emails on the Hotmail server and a backup on your local PC.

[Chancer]

No laptop, no mobile phone hence no 3G key, no computer or telephone in the UK and no prospect of affording any of these luxuries in the near future.

This does however mean a simple life and NO PROBLEMS! or at least very few. [;-)]

Its funny how the world changes, nowadays people think it is natural to take a laptop when travelling, it was only 5 years ago when I last travelled (2004) I only met one person in all the countries that I visited that had taken one, a Japanase guy in Quito.

The time before that 1989 there were no internet cafes, or cash card machines let alone those that accepted UK cards, travellers cheques were the order of the day as well setting up bank accounts in advance and having money wired to the country before you arrived, communication was only possible by poste restante.

[Bugsy]

[quote user="Chancer"]

No laptop, no mobile phone hence no 3G key, no computer or telephone in the UK and no prospect of affording any of these luxuries in the near future.

This does however mean a simple life and NO PROBLEMS! or at least very few. [;-)]

[/quote]

.[:-))] how can you possibly fuction without one of these ?

.