More “Phishing pfor Psuckers”

Text of an email I received recently:

Dear Customer,

Your order has been successfully canceled. For your reference, here’s a summary of your order:

You just canceled order 162-427-72682 placed on May 11, 2012.

Status: CANCELED

_____________________________________________________________________

1 “Mounts”; 2003, Second Edition
By: Jamie Turner

Sold by: Amazon.com LLC

_____________________________________________________________________

Thank you for visiting Amazon.com!

———————————————————————
Amazon.com
Earth’s Biggest Selection
http://www.amazon.com

Now, someone who wasn’t paying any attention (or is just too stupid to waste oxygen on) could easily have been caught out by this. There were links to a malware installation on both the purported “order number” and on the text referring to Amazon.com at the end of the email.

But… this one was just too, too easy to resist. First, I knew I’d not placed such an order. “But then,” someone might say (though certainly not YOU, gentle reader), “surely that would lead one to click the link to check on that order. After all, someone might be using one’s stolen Amazon ID to make purchases!”

Except, not mine, and I’m not clicking on ANY obscured link in an email without KNOWING where it leads. Not happening.

But, I did look at the email’s source text and see that the links were NOT to Amazon but to a site that would steal my Amazon creds were I to go there and log in. Except that neither my browser nor LastPass would recognize the site and offer to log in for me, were I to be foolish enough to have clicked the links anyway.

Oh, and the email was to an account that is not in any way, shape, fashion or form associated with my Amazon account, nor has it ever been. Sure, all my email accounts are polled and gathered by one account, but I checked which account the email had been sent to, AND the form is not what I’d have received from Amazon, what with a few pertinent details missing.

So, just taking few seconds to do a coupla quick checks averted the possibility, remote though it is given my other simple measures, of having my Amazon account credentials stolen.

It’s not hard and doesn’t take any time at all, but I’ll bet a few mouth-breathing, knuckle-dragging oxygen sinks with fewer active brain cells than a cracked crock of kimchi will fall for it.

5 Replies to “More “Phishing pfor Psuckers””

  1. I’m glad to have folks like you to keep reminding me not to be taken in. For the past several months I keep getting a reminder that my brand new Dell laptop computer is ready to be shipped and all they need is my address verification. Had I not known about this type of phishing I might have clicked on it. Now I just flush it with the rest of the trash.

Leave a Reply

Your email address will not be published. Required fields are marked *