... Or if you prefer, Subscribe by e-mail 
... What is RSS?
Once again, I would like to advise you against clicking on things you get in your E-mail, even if they look legitimate, without being 100% sure. I received the request below from “Amazon.com” in my email and some flags went up immediately.
First, I don’t have an account with Amazon. That in and of itself is a dead giveaway.
Second, if I did have an account, I am sure they would have used my log-in as a salutation as my other accounts do, not just “Greetings” for such an important notification of my account status.
Third, if it involved my bank account, my bank would have notified me in writing of any changes requested for verification. My bank would actually call me on the phone, or I would have called them.
This LOOKS pretty legitimate, doesn’t it?
Greetings from Amazon Payments ,
Your bank has contacted us regarding some attempts of charges from your credit card via the Amazon system. We have reasons to believe that you changed your registration information or that someone else has unauthorized access to your Amazon account Due to recent activity, including possible unauthorized listings placed on your account, we will require a second confirmation of your identity with us in order to allow us to investigate this matter further.Your account is not suspended, but if in 48 hours after you receive this message your account is not confirmed we reserve the right to suspend your Amazon registration. If you received this notice and you are not the authorized account holder, please be aware that it is in violation of Amazon policy to represent oneself as another Amazon user.
To confirm your account identity click here:
http: //www.amazon.com/exec/obidos/account-access-login/ref=/index
Best Regards ,
Amazon Security Department
I thought, why not investigate this a little further. If I can help prevent others from being scammed by this type of underhanded thief, then I will.
What do they really want?
Your log-in information, your password, your bank account information, your credit card information, your Identification and Identity. Anything they can use for their benefit. They do this by redirecting links. What you see may look like a link to a site where you are member, but it probably isn’t.
This is what I found by hovering over the link they had showing as Amazon:
http: //www.ghtraining.co.nz/images/index.html
There doesn’t seem to be any affiliation at all with Amazon. As a matter of fact, it is from New Zealand, Amazon is in the US. I did check out ghtraining.co.nz, and they seem to be a legitimate Training Company that specializes in construction apprenticeships. If so, their identity has been stolen as well.
Upon clicking the “page” on ghtraining, I was redirected to what looked like a legit Amazon login landing page.
But upon looking at the URL,
http: //219.150.142.40/icons/gp/css/homepage.html/ref=topnav_ya_gw/104-7169168-6267916/amazon/exec.php?cmd=sign-in
it is NOT Amazon, it is another redirect to secure your secure information. Your password.
Once they have that, they can access your account, your personal and financial information and rob you blind. You wouldn’t even know about it until you got your bank statement and you had no money in your account.
In the 3-D world, I am sure you take certain precautions with your personal information. You probably shred your Old Bank statements, destroy expired credit cards by cutting them into little pieces, and maybe even rip up the carbon paper from a financial transaction.
Why not be as cautious with your personal information on the Internet?
I have a few tips to help if there are questions of the legitimacy of this type of E-mail.
1. Internet Explorer (Windows) has an option in the view section of the toolbar to allow the status bar, as I’m sure other Operation Systems do. Activate it. When you hover over a link, it will show in the status bar where the link would lead if you actually clicked on it.
2. Do Not click on a link. Even though it may look legitimate. Access your account through regular channels. Log-in in the usual manner. If there is a problem, you can find out by looking at your account status using the proper channels.
3. Report the scam to the service in question, Amazon, PayPal, AdSense, whatever company it involves. Provide such things as the URL, IP address or any other information you can.
4. Be Aware. If you did not initiate the communication, you need to question it’s validity. Contact them directly.
I know we won’t be able to stop this type of scam from happening, but hopefully, we can be prepared for when they try to attack us through deceptive means.
Anyone have tips to add to that list? We can use all the help we can get.
Related Posts:
7 Steps I’ve Tried to Stop E-Mail Address Hacking
Is Someone Hijacking My E-mail?
[tags]Amazon,PayPal,Scam,Email,Identity Theft,Security,Redirects[/tags]
