Don’t Be Taken in by this Fake Amazon Order Phishing Scam!

Did you get an email from Amazon telling you about an order that you don’t remember ordering? That’s probably because you didn’t – it’s a phishing scam! Don’t fall for it! The “Your Amazon.com Order” email, which purportedly comes from “digital-no-reply@amazon.com” actually is an effort to get you to point your web browser to BookSalon.kr (the actual phishing URL is http://booksalon.kr/index2.html).

Twitter Password Reset Email Not Necessarily Phishing But Decidedly Clueless

In an effort to clean up after a phishing attack on Twitter, Twitter is targeting some Twitter accounts as “possibly compromised”, and proactively disabling the current password for the account, and sending a “Please change your twitter password” email, which asks you to “please create a new password by opening this link”. While we give them a great deal of credit for being so proactive, the irony is that the email Twitter is sending looks just like the phishing efforts that lead to this problem in the first place! So, if you get a “Please change your twitter password” email, what should you do? Read on.

Fake Amazon Cancellation Email Hides Canadian Pharmacy Spam Links

Not content with sending fake Amazon confirmation emails, the outfit sending out the Canadian pharmacy spam is now sending out fake Amazon.com order cancellation emails, too, claiming that your Amazon order has been cancelled. “Amazon.com – Your Cancellation (0046-68878-96071)” says the email’s subject (although the “order number” may change) – but of course the link to check “ORDER INFORMATION” really takes you to a Canadian pharmacy spam site, hawking Viagra, Cialis and the like. In the example below, the fake cancellation contains links to http://www.dinnerinperu.com/quadratical, which redirects to http://weightbreezy.com, which is a Canadian pharmacy spam site.

Fake Amazon “Your Confirmation” Phishing Emails Hide Canadian Pharmacy Spam

A spate of fake “Amazon.com – Your Confirmation” emails is making the rounds – they are phishing emails, with the supposed ‘Amazon’ links actually being hidden links going to such interesting places as http://drevmash.alfaspace.net/admiral.html, http://gofiberzone.com/upper.html, and meeknew.com. The subject (which so far appears to use the same “confirmation” number for everyone), is “Amazon.com – Your Confirmation (0113-567494-3518071)” and supposedly comes from the email address order-update@amazon.com. In reality, they are coming from IP address 124.217.216.112, and the emails are sent from (almost certainly spoofed) email addresses such as claude.simpson@ameritrade.com and lwjtvbwrqksz@young-world.com.

Facebook Apps Gone Wild – Rampaging Phishing Facebook Applications Stealing Usernames and Passwords

A plague of rogue Facebook applications that are stealing user credentials – such as usernames and passwords – has been sweeping Facebook in the past week. The phishing Facebook apps work the same way that many other applications do – including sending an email to your Facebook friends, with links to click on, and when you type in your username and password, BAM! Your login credentials have been stolen.

Tiny Free Browser Add-On Authenticates Email for You!

How many times have you received email that purports to be from a friend, or from someone with whom you do business, only to find out that you nearly got taken in by a fake? We here at the Internet Patrol, and our parent company, the Institute for Social Internet Public Policy, are offering readers of the Internet Patrol an exciting opportunity to take part in the testing of a new browser add-on that will help to protect you against such spoofing.

Paypal to Block Apple Safari Browser, Other Browsers

Paypal has announced that they are going to block the Apple Safari web browser, along with a few other browsers. The online payment service, purchased by eBay for $1.5B back in 2002, in the good old days of rampant Internet mergers and acquisitions, has become a frequent target of phishers and hackers. Anxious to recapture their good name and to offer to sellers and buyers alike a more secure environment, PayPal plans to discontinue support for web browsers that do not include anti-phishing capabilities. If this plan goes through, PayPal will block Safari and older versions of Internet Explorer, Firefox, Opera, and Netscape.

The Newest Paypal Phish Exhorts “Account Activity – Action Required”

Paypal phish are as common as the cold. Here, the newest one claims that there have been foreign attempts to log into your Paypal account, and explains that if it wasn’t you (which, of course, it wasn’t) you should click on the link to verifiy your identity. Where does the link really go? Not to Paypal, that’s for sure. In fact, it really goes to http://i-195-137-106-138.freedom2surf.net/login, which is a very convincing Paypal phishing site.