HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » Heads up on this phishing...

Wed Jan 22, 2020, 09:32 PM

Heads up on this phishing e-mail I got from "Amazon"

I got this e-mail today telling me that I needed to "update my credit card because it expired and my Prime account was in jeopardy". It looked absolutely legit. Of course, it wanted me to **click the link** to update my credit card info. HA! I went on Amazon's website, and there was NOTHING wrong with my account, so I reported it to: stop-spoofing@amazon.com. It's a scam a minute out there. Be careful, my friends.

35 replies, 3922 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 35 replies Author Time Post
Reply Heads up on this phishing e-mail I got from "Amazon" (Original post)
Trailrider1951 Jan 2020 OP
hlthe2b Jan 2020 #1
Iggo Jan 2020 #18
TheBlackAdder Jan 2020 #2
Cal Carpenter Jan 2020 #34
Raven Jan 2020 #3
marble falls Jan 2020 #4
Different Drummer Jan 2020 #5
samnsara Jan 2020 #27
dflprincess Jan 2020 #8
Wounded Bear Jan 2020 #10
marble falls Jan 2020 #12
CloudWatcher Jan 2020 #13
Clash City Rocker Jan 2020 #28
Vogon_Glory Jan 2020 #32
Totally Tunsie Jan 2020 #6
bucolic_frolic Jan 2020 #7
TruckFump Jan 2020 #9
Wounded Bear Jan 2020 #11
wnylib Jan 2020 #14
lastlib Jan 2020 #21
Wounded Bear Jan 2020 #22
wnylib Jan 2020 #25
Haggis for Breakfast Jan 2020 #15
AllyCat Jan 2020 #16
Iggo Jan 2020 #17
Bev54 Jan 2020 #19
cwydro Jan 2020 #24
Jamastiene Jan 2020 #20
jg10003 Jan 2020 #23
Tracer Jan 2020 #33
jg10003 Jan 2020 #35
samnsara Jan 2020 #26
Clash City Rocker Jan 2020 #29
Name removed Jan 2020 #30
Ilsa Jan 2020 #31

Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 09:37 PM

1. Yes... If there is any problem with credit card for PRIME or subscriptions, a red notice pops up

on Amazon itself. I know because my credit card expiration date needed to be updated when I got my new card. It also pops up when you try to buy something (obviously). They definitely DON'T email you with a link to update.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to hlthe2b (Reply #1)

Wed Jan 22, 2020, 11:47 PM

18. Yep, they let you know when you try to buy something.

Til then, why would they even care?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 09:40 PM

2. Funny thing is, most new spam are generated using Amazon Web Services.

.

You get the expanded information on the email, and it will show you the sender IP address.

Open a DOS or command window and type in: nslookup xxx.xxx.xxx.xxx

This will show you the domain name of the sender. Most new spam originates from Amazon.

.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to TheBlackAdder (Reply #2)

Thu Jan 23, 2020, 12:00 PM

34. AWS controls about a third of the cloud

last I checked. So a huge amount of email providers, web hosts, etc are via AWS.

There's no fucking avoiding them. As a small retail business owner watching Amazon stick its hand in more and more industries and creating vertical monopoly (not just selling, but branding and manufacturing and content creation and food and shipping and....) I can only hope that it somehow implodes. Because it's not like anyone is enforcing anti-trust regulations this century.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 09:55 PM

3. I've gotten that same message twice.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 09:57 PM

4. I first thing I do is look at the sender's adress. Its always a giveaway if ...

its a scam or not.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to marble falls (Reply #4)

Wed Jan 22, 2020, 10:01 PM

5. I do the same.

If the two-letter code for a foreign country is part of the sender's address, it's very likely a scam.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Different Drummer (Reply #5)

Thu Jan 23, 2020, 08:23 AM

27. yep always look at the address!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to marble falls (Reply #4)

Wed Jan 22, 2020, 10:46 PM

8. Even when the address looks legit

I never click the link in the email, I go out to the bank's (or whoever's) site and check my account.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to marble falls (Reply #4)

Wed Jan 22, 2020, 10:56 PM

10. And make sure there aren't 55 addresses that you are replying to...

welcome to spamalot if you click on that.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Wounded Bear (Reply #10)

Wed Jan 22, 2020, 11:04 PM

12. I've had a fools luck so far!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to marble falls (Reply #4)

Wed Jan 22, 2020, 11:10 PM

13. Not enough!

The email "From" and "Sender" are easily forged. I get fake email from my own email address all the time. Decades ago I demo'd this by sending my boss an email from his boss firing him (um, he was watching as I did it ... it was a demo).

Two suggestions:

1) Never click on links in email. Use your own bookmarks and go to the website. The only
exception is for two-stage authentication emails where you're confirming that you own the
email address and are expecting it.

2) If you want to see where it came from, use your email viewer to look at all the headers and try
and figure out the path used to send the email by the data recorded in the "Received" headers.
This can be useful, but is not for the faint-of-heart (or poor of eyesight). But even if the email was
sent from a normal email server, it doesn't mean it's legit.




Reply to this post

Back to top Alert abuse Link here Permalink


Response to CloudWatcher (Reply #13)

Thu Jan 23, 2020, 08:40 AM

28. Yeah, and scammers will sometimes call you from your own phone number too

That way, you can’t block the phone number.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to marble falls (Reply #4)

Thu Jan 23, 2020, 09:24 AM

32. Yep, check the sender's e-mail address

Not only are foreign e-mail addresses red flags. But so are a lot of the innocuous-sounding dot com addresses.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 10:22 PM

6. Thanks for the info.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 10:43 PM

7. Always look at the origination email address

they never match anything from the supposed sending company. I've gotten these for 20 years. Don't know how anyone could get taken in on them, they are so transparent.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 10:51 PM

9. Yep, I got the "Your Amazon account has been blocked..." bullshit yesterday.

So, of course, I like you went to Amazon and checked. All was fine.


Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 10:59 PM

11. I get bullshit like that from most of my accounts from time to time...

always check the return address, as has been said in replies above.

I especially love the notices to 'Unsubscribe' from sites and services I've never heard of.

It's a dangerous world out there.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 11:15 PM

14. Haven't had email scams lately but I keep

getting scam messages on my phone.

First was a message about something wrong with my SS account. Ssid 'they' had bern trying to reach me about an irregularity with my SS account. If I did not get back to them, they would assume it was fraud and would prosecute. I had just checked my online account the day before because I got an email from SS to say I had a new message. The message was a letter about the cost of living raise.

I called SS to ask about the fraud threat. They said it was a current scam and to ignore it, but checked my account to verify that it was ok, no problems.

2 days later and almost every day since, I get recorded messages that are not complete. Sounds like the first part is cut off, as if the message started playing before the voice mail could start recording. It instructs me to press a number if I want my refund.

I did not work last year, so I have no IRS refund due. Noting else I would get a refund from. Checked online about refund scams. Found something about IRS scams. Not sure quite how it works. Something about false returns filed in someone's name and offers to help collect the refund. Scary part about that is how could anyone file a return without a SS number? Now I'm worried that my tax preparer's system was hacked.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to wnylib (Reply #14)

Thu Jan 23, 2020, 12:30 AM

21. I got a call from the "Department of Social Security Administration".

I'm wise enough to know that the real "Social Security Administration" ISN"T a "Department," ergo, doesn't have the word "Department" in its name. So I played with the caller: "THE Department of Social Security Administration?? From the GOVernment?" (If he says "yes," he has committed a fraud!) He just repeated the name. "You're the folks who collect my FICA taxes? Hey, I've been wanting to call you guys!" Then I went on about how I was trying to fix something that related to my FICA account. He asked for my SSN, and I gave him a number that I knew from my tax experience would not be a valid SSN. Then I asked him for his name, first and last, which he naturally wouldn't give me. I asked him for his company name; when he gave me the "Department Of" BS, I again asked if he was from the government. This time he slipped up and said he was. So I informed him that he had just committed a fraud, and he hung up.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to lastlib (Reply #21)

Thu Jan 23, 2020, 12:43 AM

22. Ask them if they work for the Department of Redundancy Department...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to lastlib (Reply #21)

Thu Jan 23, 2020, 08:12 AM

25. I don't get to talk to anyone on these calls.

I don't answer for numbers that I or my phone don't recognize. I can call back if they leave a message. But these messages are cut off at the start with no introductory message. No name or agency identification. Just instructions to press a number if I want my refund. What kind of message is that? Pressing a number on a message would not get me to any extension on a message.

Maybe that's the point, to make me curious enough to answer when they call.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 11:19 PM

15. I got a notice that my "cloud storage" was in jeopardy of being destroyed.

Hahahahahahahahaha. I've never stored anything in the cloud.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 11:31 PM

16. I got one from FedEx. Delete them all!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 11:42 PM

17. I got one of those from "Apple" last year.

Went to the real Apple website and same as you, found nothing.

I still changed my password, though. 😂

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Wed Jan 22, 2020, 11:56 PM

19. I get these constantly

from Amazon and from almost every "phone" and "cable" provider and monthly from Netflix, all saying my payment did not go through and I need to update my credit card information. I ignore them all, if I am really behind someone will call me. You can usually tell by their email address.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Bev54 (Reply #19)

Thu Jan 23, 2020, 03:42 AM

24. Wow, I've never gotten any of those from anyone.

You must be on some list somewhere. Yikes.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Thu Jan 23, 2020, 12:12 AM

20. Thank you for this.

I have had to be in constant contact with my bank because of so many of those types of messages. I am glad you warned about this on here. It is a big help to know what to look out for.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Thu Jan 23, 2020, 12:52 AM

23. advice from a systems programmer for 30 years

NEVER CLICK ON A LINK IN AN EMAIL - THERE ARE NO EXCEPTIONS.

The email may look completely real.
The sending address may look totally legitimate.
The email may contain personal information that will make you believe it's real (e.g. mother's maiden name, your social security number, your credit card number, etc.).
It doesn't matter - do not click it. Go the site of the alleged bank, electric company, cable company, cell phone company, or whatever, and login. if you do not know the company's site then Google it. Do not use the site address given in the email.

Do this even if you are 100 percent certain the email is legitimate.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to jg10003 (Reply #23)

Thu Jan 23, 2020, 11:54 AM

33. Is it OK to just open up the email?

I'm super careful about emails from people/companies that I don't know and ALWAYS look at the address they are coming from.

But occasionally I will accidentally open up the email. Does doing this trigger anything awful other than just more emails from that person/company?

Thanks in advance.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Tracer (Reply #33)

Thu Jan 23, 2020, 04:36 PM

35. If using Outlook or firefox, read the email in the preview box,but do not open it in a new tab

or window. also don't download any attached files. Btw, this applies to all emails, even those from family and friends.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Thu Jan 23, 2020, 08:22 AM

26. Thank you!! I'm usually very skeptical of anything that asks me to give info and I check..

..the site first. "Paypal" also sends these out.


The one i nearly fell for was from "Medicare" wanting info. so they could send out a back brace. At the time I was caring for my elderly parents and that call came at the exact time I was looking for info about their medicare...and mom was needing a brace. When they asked for moms SS# I asked if I could get the info and call them back. Nope they needed it now. Not only did it send a red flag it pissed me off too. So I hung up and blocked their number.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)

Thu Jan 23, 2020, 08:52 AM

29. No email like this is ever legit

Any email that claims to be from a company or business entity that gives some ominous warning and asks you to “click here” to fix it is either trying to give you malware or is about to ask for a credit card number or social security number for illicit purposes. Legitimate companies don’t work that way.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Trailrider1951 (Original post)


Response to Trailrider1951 (Original post)

Thu Jan 23, 2020, 09:05 AM

31. K&R. nt

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread