more on Amazon Phishing scam - BEWARE!

[David Farber <dave () farber net>]

Begin forwarded message:

From: Bob Frankston <Bob2-19-0501 () bobf frankston com>
Date: December 3, 2005 11:48:54 AM EST
To: dave () farber net, ip () v2 listbox com
Subject: RE: [IP] Amazon Phishing scam - BEWARE!

Once again those phishers. I don't have much new to say but can tie
together a few aspects.

I wish those with the most to lose would put up a few billion dollars to
track the varmints down. Not that that is a real solution but it is a
social problem. I fear, though, that they will just go after the usual
suspects -- I wonder how many alpha phisher/spammers there are. Reducing
the problem might make it worse - at least now everyone is wary  
though not
to the point of not doing online transactions -- yet.

Since I do my own mail processing I've marked a number of accounts as
suspicious and will mark any message that doesn't have an appropriate
"received from" address as suspicious. I also flag messages with other
suspicious content such as a % in a URL address. Same for a whole  
list of
suspect attachment types.

This is something I can do because I do my own mail processing and my  
own
popfile handling. It's not necessarily an approach that can be done
generally because, for example, many senders seem to be utterly clueless
and do things like sending mail from internal sites not listed in the  
DNS
or from third party mail providers. There's technically nothing wrong  
with
that -- it's just a useful heuristic for me to use for critical sites. I
can't follow a path through "received" lines to establish a chain of  
trust
As I've mentioned in the past I'm surprised that third party mail sites
that might me "xyzzyx.whatever" mailers don't get subdomains from their
clients.

Note that I don't block the messages I just wrap them and say  
"suspicious"
but it's worked remarkably well.

What makes phishing so interesting is that it is really a confidence  
game
and preys upon our basic need to have simple trust heuristics. As with
other aspects identity theft the victim is blamed for being careless  
rather
than human. There's still insufficient recognition that these attacks  
are
indications of our failure to scale social mechanisms to the new  
landscape
and that we need to presume phishing will happen and deal with it rather
than putting the onus on the user to track down all of consequences.

For the credit card companies it's just a cost of doing business and
cheaper for them to choose to blame some users than to actually have to
take responsibility. I don’t expect the current administration to be
capable of being an advocate for consumers but that's another topic.

I feel it's World War I again and the British generals assume that  
they can
get past those machine guns with another few thousand troops -- after
60,000 they did. Today we keep email logs and comedians seem to reflect
popular naïveté and wonder why we don't just use profiling to solve our
problems.


-----Original Message-----
From: David Farber [mailto:dave () farber net]
Sent: Saturday, December 03, 2005 07:06
To: ip () v2 listbox com
Subject: [IP] Amazon Phishing scam - BEWARE!
Importance: High



Begin forwarded message:

From: John Nigro <jnigro () bestimage com>
Date: December 2, 2005 3:38:35 PM EST
To: dave () farber net
Subject: Amazon Phishing scam - BEWARE!

Dave –



Please post (and edit if need be) if you deem worthy.



John Nigro

------------------------------------------------------------------------
------------------------------------------------------------------------
---------------------------------

I just received an email to my hotmail account from payments-
messages () amazon com with the following text:



Greetings from Amazon Payments.

Your bank has contacted us regarding some attempts of charges from
your credit card via the Amazon system. We have reasons to believe
that you changed your registration information or that someone else
has unauthorized access to your Amazon account Due to recent
activity, including possible unauthorized listings placed on your
account, we will require a second confirmation of your identity with
us in order to allow us to investigate this matter further. Your
account is not suspended, but if in 48 hours after you receive this
message your account is not confirmed we reserve the right to suspend
your Amazon registration. If you received this notice and you are not
the authorized account holder, please be aware that it is in
violation of Amazon policy to represent oneself as another Amazon
user. Such action may also be in violation of local, national, and/or
international law. Amazon is committed to assist law enforcement with
any inquires related to attempts to misappropriate personal
information with the intent to commit fraud or theft. Information
will be provided at the request of law enforcement agencies to ensure
that perpetrators are prosecuted to the full extent of the law.




To confirm your identity with us click here:

<link>

Here was a link that went to a very realistic page asking for me to
first sign in, then for my CC#, PIN#, address, etc. I almost started
to do so and then saw that the page was http:// and not https:// -
and was not secure.

THIS IS A PHISHING SCAM! – DO NOT even sign in – they will then have
your log-in info. I have already changed my Amazon password and
recommend you do too, even if you don’t get one of these.



-------------------------------------
You are subscribed as BobIP () Bobf Frankston com
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting- 
people/





-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/