more on Amazon Phishing scam - BEWARE!

[David Farber <dave () farber net>]

Begin forwarded message:

From: Dennis Allison <allison () shasta stanford edu>
Date: December 3, 2005 3:50:05 PM EST
To: David Farber <dave () farber net>
Subject: Re: [IP] more on Amazon Phishing scam - BEWARE!

For IP if you wish...

I get 4 or 5 variations of the Aamazon phishing scam a day and almost
always send them off to stop-phishing () amazon com.  As a user, even
today,of an ascii mail reader, the phishing hacks are usually obvious  
and
in my face.

I have yet to receive any information from Amazon, eBay, or anyone else
about what action they have taken on reported phishing expeditions.   
For a
period of a year and a half, I sent every Nigerian scam letter I  
received
(2 to 6 per day) on to the Secret Service per their request only to find
that they were dumping everything into a bit budket because the  
volume was
too high and they lacked the staff to persue it.  In a couple of  
instances
where I was concerned enough about the phish to contact the targeted
institution directly, the "security" folks would give out no information
citing "privacy" concerns.  My guess is that most phishing mails are not
persued and the ISPs hosting the data gathering pages continue to  
operate,
business as usual.


On Sat, 3 Dec 2005, David Farber wrote:

> Begin forwarded message:
>
> From: "Mike O'Dell" <mo () ccr org>
> Date: December 3, 2005 12:53:16 PM EST
> To: dave () farber net
> Subject: Re: [IP] more on Amazon Phishing scam - BEWARE!
>
> i have adopted a Neo-Luddite approach to all this:
>
> I believe *nothing* of a commercial nature i get in email
> that i cannot vouchsafe with external knowledge.
> even then *I* always initiate contact through
> known channels, rather than accepting a channel
> offered to me.
>
> Sure it's less convenient, but much less annoying than the  
> consequences.
>
> Fer Instance:
>
> I don't believe anything I get about eBay or Amazon
> because I know they don't use email notifications
> precisely because of this.  and i know enough about
> my accounts that i wouldn't believe it even if they did.
>
> if i was concerned, i'd enter the site through a
> known-good DNS name, do a bit of checking around,
> and then login to my account.
> (The status line at the bottom of your browser
> can tell you a LOT about whether a link is bogus.
> Firefox even complains if it fails "obviousness" checks.)
>
> in short, when someone sends you a "shortcut" in an email,
> *ASSUME* it's the Big Bad Wolf providing it *REGARDLESS*
> of who sent the email (either apparently or in fact).
>
>         -mo
>
> "Just click here to <urk!>"
>
> David Farber wrote:
> > Begin forwarded message:
> > From: Bob Frankston <Bob2-19-0501 () bobf frankston com>
> > Date: December 3, 2005 11:48:54 AM EST
> > To: dave () farber net, ip () v2 listbox com
> > Subject: RE: [IP] Amazon Phishing scam - BEWARE!
> > Once again those phishers. I don't have much new to say but can tie
> > together a few aspects.
>
>
> -------------------------------------
> You are subscribed as allison () shasta stanford edu
> To manage your subscription, go to
>   http://v2.listbox.com/member/?listname=ip
>
> Archives at: http://www.interesting-people.org/archives/interesting- 
> people/

--



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/