Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Is this a phishing attempt?

J

jawzzy

macrumors regular
Original poster
May 13, 2007
155
0
New York
So I got this odd e-mail today. I recently bought a cell phone battery on Amazon from a reputable company,SFGate, and it was delivered already. I received this email from kdvujb@lycos.co.uk. Is is a scam?

Dear Amazon.com customer,

We recently noticed one or more attempts to log in to your account from a foreign IP address. If you accessed your account while travelling, the unusual login attempts may have been initiated by you. However, if you did not initiate the logins, please visit Amazon.com Inc. as soon as possible to verify your identity.

This is a security measure that will ensure that you are the only person who can access your Amazon account. Thank you for your patience as we work together to protect your account.

To get started, please click the link below and login to your account:

https://www.amazon.com/gp/yourstore/ref=pd_irl_gw/ie=UTF8&signIn=1

Best Regards,
Amazon.com Inc. Security Center


I wasn't sure where to put this, but since Macrumors is my source for computer help, any help would be appreciated!
 
As an Amazon Associate, MacRumors earns a commission from qualifying purchases made through links in this post.
I would go to amazon yourself, not through the link. Log in to your account and if the security warning is legit, there should be some more info on your account page. If not - contact amazon customer service with that email.
 
Hey, thanks. There was no sign of any warning on my Amazon My Account page, must be a scam.

I'll let Amazon customer service know.
 
jawzzy said:
Hey, thanks. There was no sign of any warning on my Amazon My Account page, must be a scam.

I'll let Amazon customer service know.
Click to expand...

BTW I was bored so I sent that address and email and it was returned as the address is not valid. I would in no way suggest that anyone do this for obvious reasons.
 
What's funny about this phishing email is that the link you provided is legitimate - the url doesn't change to a more typical phishy looking one, such as www.fake.amazon.stealing.password.nl/i'm/stealing/your/money or something like that. I goes to a legit amazon page - although not the ideal login page.
 
99% likely to be a scam.

However, the real tell will be to see where the link takes you in the email. Because you copy and pasted it here, it appears as the real link. But in the email, it's probably faked (meaning visually it appears correct in the email, but the actual URL it takes you too is invisible within the body of the email)..

Just like this:


http://www.apple.com

Same concept.
 
yellow said:
99% likely to be a scam.

However, the real tell will be to see where the link takes you in the email. Because you copy and pasted it here, it appears as the real link. But in the email, it's probably faked (meaning visually it appears correct in the email, but the actual URL it takes you too is invisible within the body of the email)..

Just like this:


http://www.apple.com

Same concept.
Click to expand...

Ahh. THat explains why it looks to be legit... I didnt think about the copying making the link real to us here.
 
notjustjay said:
I don't think I have ever, EVER, received a legitimate "we need you to verify/update your info" email from any place I've ever done business with.

So pretty much 100% of the time, it is a phishing attempt.
Click to expand...

I got one from eBay...it was a "your account has been suspended for suspicious activity" notice. Didn't notice it and a couple of others from eBay for several weeks because it was lumped in with all of the other similar phishing spam.

Turns out that someone had guessed or brute forced my eBay password and had hijacked the account. And as a verrrry infrequent eBay user, I hadn't noticed on my own. Can't even remember what made me finally spot the problem.

But yes, this is certainly a phishing attempt that would take you to a different site than the one you'd think you were headed to. Many e-mail apps now allow you to easily see where the link actually points...in Mail, for example, just hover over the link and the actual target will pop up.
 
yellow said:
See, I can't agree with 100%, as that leaves no room for error. There's always the possibility. However unlikely. When you think about it, 99% is a pretty darned high probability. :)
Click to expand...

Well, I'm not about to rule it out completely, but the truth is, as I said, that in 12 years of being online (wow, has it been that long!!) I have never received an actual email from a bank or store or whatever. I have received a phone call or two from my credit card company confirming unusual activity after purchasing, say, a laptop. But never by email.
 
yellow said:
See, I can't agree with 100%, as that leaves no room for error. There's always the possibility. However unlikely. When you think about it, 99% is a pretty darned high probability. :)
Click to expand...

Nah, I'm going to agree with 100$. *Real* corporations don't mess around when they want to get in touch with you . At the very least, they use your real name. They call your home numbers. They have ways to make contact that don't involve asking for your personal information up front. In fact, almost *every* business I've dealt with states explicitly that they will *never* ask for your password or username through an email. This isn't how legit companies do business. So yeah--if I were you, I'd stop holding out for that lone possibility, and start looking at it from a more realistic perspective. Banks don't play games with you when there are issues with your account.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back