Wednesday, November 16, 2005

New Phishing Ploy

After my first cup of coffee this morning, I checked my overnight e-mails, as I usually do. One of them caught my eye immediately.

It was an e-mail, purportedly from Amazon.com, saying they were suspicious of a purchase I supposedly had just made and wanted to check if I had really ordered it. According to the e-mail, it was a $3,900 purchase for a Panasonic HDTV, apparently done through TigerDirect. They wanted me to verify if I had really ordered this product.

Of course, I did not order a TV and this immediately raised a warning flag that someone had obtained my credit card information and was using it for a purchase. In the past, I have ordered from both TigerDirect and Amazon, so it appeared legitimate, at least at first. But, of course my next thought was that this may be a scam to get my personal data.

So I started closely examining the e-mail. It looked legitimate, with all the proper colors and logos that Amazon uses. But, the language of the e-mail made me very suspicious. It appeared to be written in English that was less than perfect, almost obtuse. So I decided to immediately check the link they wanted me to log into to verify my purchase. That is always the dead giveaway for a phony phishing e-mail.

The link looked legitimate and was spelled out exactly on the screen, using something like this:
https://www.amazon.com/security/fraudcheck/ect........

But, I learned a long time ago to point at the link with my mouse (not clicking it, of course), then look down at the lower left corner of my e-mail program to see the actual link address. In this case, the real link was not Amazon.com, but some other unsecured website, probably in some foreign country. Now, I knew...this was a phishing scam.

In the past, I have received several phishing scam e-mails. Most appear to be from banks (including two that I do bank with), asking me to verify my account information. They were obviously frauds. But it appears that phishers have learned to use one of the most motivating factors to up their connect rate...fear.

Who among us is not afraid to have their credit card data stolen? I think most of the phishing scams we will receive in the future will use fear as their hook. Just remember, before you panic, use the above trick I mentioned to see if the e-mail is legitimate. If the link doesn't match, you know you have a phishing scam e-mail.

Interestingly, I went to the Amazon.com web site to report this scam. I tried to e-mail them a copy of the e-mail, following their on-screen instructions, but neither time would the e-mail go through, so I just gave up. I suspect they have so much e-mail about phishing scams that they are not accepting any more. Whatever...I tried to be helpful.
