- Joined
- Dec 8, 2003
- Messages
- 1,089
- Reaction score
- 0
Received one today with my email address on it. The usual:
"Greetings from Amazon Payments.
Your bank has contacted us regarding some attempts of charges from your credit card via the Amazon system. We have reasons to believe that you changed your registration information or that someone else has unauthorized access to your Amazon account Due to recent activity, including possible unauthorized listings placed on your account, we will require a second confirmation of your identity with us in order to allow us to investigate this matter further. Your account is not suspended, but if in 48 hours after you receive this message your account is not confirmed we reserve the right to suspend your Amazon registration..."...
But other than that, here's another obvious catch. The link which is left in the email to be clicked on looks like this:
https://www.amazon.com/exec/obidos/flex-sign-in/ref=pd_irl_gw_r/103-3177084-7567864?opt=oa&page=recs/sign-in-secure.html
but is actually a spoof and if you click on it will take you to:
http://secure.amazon.com.dec9es.com...&ref=esp&[email protected]
So after you go there and change your email to ****@you.com and enter your made up password "yourmotherstits" you will next be taken to a page where you are asked for your credit card details. But interestingly enough, all other links on that page will lead to legitimate Amazon pages. So if some less-savvy folks do get suspicious and click on any other links they will be "quietly" reassured by the legitimacy of other (real Amazon) pages.
I guess this is one of the more sophisticated emails I've seen lately (without any spelling mistakes), but nevertheless it's crap and people should be aware of the lengths that some of these bastards will go.
The only thing that left me puzzled is that dec9es.com was registered today?
"Greetings from Amazon Payments.
Your bank has contacted us regarding some attempts of charges from your credit card via the Amazon system. We have reasons to believe that you changed your registration information or that someone else has unauthorized access to your Amazon account Due to recent activity, including possible unauthorized listings placed on your account, we will require a second confirmation of your identity with us in order to allow us to investigate this matter further. Your account is not suspended, but if in 48 hours after you receive this message your account is not confirmed we reserve the right to suspend your Amazon registration..."...
But other than that, here's another obvious catch. The link which is left in the email to be clicked on looks like this:
https://www.amazon.com/exec/obidos/flex-sign-in/ref=pd_irl_gw_r/103-3177084-7567864?opt=oa&page=recs/sign-in-secure.html
but is actually a spoof and if you click on it will take you to:
http://secure.amazon.com.dec9es.com...&ref=esp&[email protected]
So after you go there and change your email to ****@you.com and enter your made up password "yourmotherstits" you will next be taken to a page where you are asked for your credit card details. But interestingly enough, all other links on that page will lead to legitimate Amazon pages. So if some less-savvy folks do get suspicious and click on any other links they will be "quietly" reassured by the legitimacy of other (real Amazon) pages.
I guess this is one of the more sophisticated emails I've seen lately (without any spelling mistakes), but nevertheless it's crap and people should be aware of the lengths that some of these bastards will go.
The only thing that left me puzzled is that dec9es.com was registered today?
