Watch out for Amazon bait

Been getting a couple of emails saying my Amazon order is on hold. I do a lot of business through them, but this sounded a little suspect.

It was. A lot suspect.

Here’s the text of the email:


Your Amazon Order needs Urgent Attention Eric
Order # 687cd87779a67d9796f951915bb564f5 View order details

Amazon Email: eric@ericpulsifer.com
ORDER PLACED: June 24 2016
SHIP TO: Eric View order details
ORDER STATUS: NOT CONFIRMED

Confirm your Order

Have a wonderful Day – Amazon

with one visit, you will be removed from our list. go here Write to This Address : 6500 hickory valley way knoxville tn 37918-5157


First off, what Amazon order?

This isn’t the first phishing attempt I’ve seen that uses Amazon as a cover. Hey, the company’s so big. They ship out a lot of stuff. It’s easy to lose track of all your orders. They use ground carriers. Which is no surprise — so many online hucksters use such emails to harvest your information.

There’s a special section in Hell for folks such as these. And if there isn’t, there should be. Maybe a special section where the most up-to-date technology is tin cans and string.

If you have even a rudimentary knowledge of online life and your BS detector is semi-operational, this one isn’t difficult to sniff out. In your email reader, look around the FROM header or swing your mouse over the link. It’s sloppy, but you’ll find the actual source of the email.

In this case it’s info@electrikoffredoms.com.

Like, who?

Also, swing your mouse over any hyperlinks. There’s not an Amazon to be found in any of the real addresses shown. Surprise surprise.

Oh, yes. Goes without saying. Anything that looks like a link, don’t click on it. Don’t click. Don’t … ohh crap …

I get asked this a lot, particularly on Facebook: So what’s the harm of clicking?

I haven’t checked this specific one, but all kinds of things can happen when you click unknown links. A goodie can be installed on your computer to suck up your personal information. A virus. A piece of malware. Something that may take over your email box and use your address to send out more delightful missives such as this one.

Scared yet?

I have two Amazon accounts; one for purchasing and one for publishing. This email came to the address associated with my publishing account. Another red flag.

This is kind of like my ever-popular PayPal scam. Those phishing attempts are usually in the wrong pond, like to email addresses that have nothing to do with my PayPal account. Oops, try again.

At the bottom of this “Amazon” offering there’s another link to remove my name from that list.

Said the spider to the fly.

Like these guys are invading my email box under false colors anyway. Do you think I’m gonna trust them?

Always be careful when surfing and checking your email. Remember these precautions. Bookmark them, print them, but remember them.

As I’ve written so many times here:

In the meantime, enjoy your computer. Have fun checking out Facebook, Buzzfeed and those cat videos. Feel free to read your news online (including this blog). Buy books from Amazon including mine, heh-heh. Do your shopping online. Use the Internet to make a living. Use the online tools to run several aspects of your life by remote control (like my own use of online banking). It’s safer than it once was, it’s convenient, it’s a Godsend.

But again, be careful.

Share

Identity protection email: Scary or scammy?

keyboard locked and chained
Sometimes it’s tempting.

LifeLock is one of the bigger names in online security. A bit of a mixed reputation (which always comes with the business), but generally solid.

Of some of the reviews, the biggest rap against them seems to be how it’s allegedly impossible to cancel your service. Reviewers say they just keep charging and charging for monthly services until you guess the secret word, but a lot of online companies are like that.

Still … imagine my surprise when I got this email from them. The heading was enough to capture anyone’s attention:

Your Identity May Have Been Stolen

That’s enough to make my innards clench right there. Here’s the letter itself:

Scary email from LifeLock
So I got this email …

Now understand, online security is huge business. Even the best, most legit companies around (McAfee, Norton, Kaspersky) make big bucks from scaring the living fool out of you.

Viruses are scary. Malware is scary. Identity theft is tres scary. Think about it. If the average user’s computer bogs down or acts wonky, he’ll probably suspect it’s a virus right away. Even when it’s not.

While a savvy user can minimize these threats by employing best practices (strong passwords, being careful clicking random links, not doing banking over a public wifi system, keeping all protection systems updated), even the best can run into malware or have the identity stolen.

Okay. I did a little quick-and-dirty detective work. Did this really come from LifeLock like the heading says?

Here’s what I noticed right away:

There are several links from the email, and they all go to the same place (this is not a link, so don’t bother clicking it):

http://quality-quotes.c.topica.com/maasqOsacnIS2b2bhu7eafpY9H/?token2=530246112&token1=239

This will take you to an affiliate’s page. An affiliate is someone who gets a commission from each unit he sells, and he does not work for LifeLock.

By the way, I got that info from right-clicking the link, going to the context menu and hitting Copy Link Location.

I looked up in the “From” block in the email heading and got this:

From: LifeLock <quality_quotes@app.topica.com>
To: [my email address]
Date: 08-25-2015 04:20 PM

With some email clients/systems, you have to click to get that information. But that’s easy and safe to do.

So what does the heading tell me?

It’s not from LifeLock, that’s what. But the aforementioned affiliate link kind of told me that.

This topica.com is a bulk email service. I have no problem with that; I use one (Mailchimp) myself. But you have to sign in to get on the email list unless the affiliate just randomly puts addresses in. And if he does, he’s probably not ethical enough for me to want to deal with him.

At the bottom of the email (I know Mailchimp requires this) there’s a link to unsubscribe. With this one there’s also a link to complain to Topica about unsolicited email. Which I clicked. May not help, but it sure felt good.

***

Anyway, if you get a scary-looking email from a legit company, check it out:

– Where did it really come from — I mean, what email address/domain?

– Where do the links go?

Hey, there’s scary stuff aplenty online and in your email box. A little checking goes a long way in separating the real from the spurious junk.

Usual warnings: Enjoy your computer. Enjoy your online experience. Enjoy those cat videos and stuff. But be careful. It’s a jungle out there.

(For further information, check out my sidebar of best practices for online protection. Though I wrote the list from the top of my head, there’s some really useful stuff. This is really a link, by the way.)

Share