Phishing in the Amazon

“Dear Customer,” said the fake Amazon.com email:

Your order has been successfully canceled. For your reference, here’s a summary of your order:

You just canceled order #035-7974456-97033

Status: CANCELED

ORDER DETAILS
Sold by: Amazon.com, LLC

Under “ORDER DETAILS” is the evil link.

Incidentally, this might have worked better if the subject line hadn’t read this way:

Amazon.com – Your Cancellation (201-1308925-1761919)

You’d think the numbers would actually match.





5 comments

  1. fillyjonk »

    6 March 2010 · 10:38 am

    I would think it would be somewhat dangerous for a phisher to scam under Amazon’s name. I’m betting that if Amazon found him, they’d crush him like a bug.

    But yeah, I’ve got these kinds of things before. I suppose people who order far more than I do and are poorer at keeping track of what and when they ordered might be taken in.

  2. Jeffro »

    6 March 2010 · 12:57 pm

    Most of the “order” notifications I get aren’t for things normally associated with Amazon. IYKWIMAITTYD.

  3. CGHill »

    6 March 2010 · 1:20 pm

    Interestingly, this was just linked by a spam blog. Imagine that.

  4. Basil »

    6 March 2010 · 4:12 pm

    I see what happened! They crossed your order and my order. That explains why you and I both got that email.

    Only, I don’t remember ordering anything. My memory is so bad these days.

    Maybe I can contact them and give them my checking account information now before I forget.

  5. CGHill »

    7 March 2010 · 9:14 am

    Incidentally, another one of those came in late last night, though this time Windows Live Mail spotted it as a phishing expedition and gave it the back of its hand, as it were.

RSS feed for comments on this post