Wednesday, September 07, 2005

Scum victimize Katrina contributors

@ A new low in phishing
There are always people who will take advantage of tragic situations so it is no real surprise that we’re seeing spam and phishing making use of the aftermath of Hurricane Katrina.

We’ve seen various spam messages using keywords like New Orleans and Katrina in an attempt to bypass filters. Some are fake news messages. Others are ‘stock tips’ for companies that will supposedly benefit from the clean-up or rebuilding contracts.

A message arrived a short time ago that is a new low in scamming and so offends us that we’re sending this special warning.

It appears to be a message from Amazon suggesting that you make a donation to the American Red Cross for victims of Katrina. But the message does NOT come from Amazon at all.

The From: address is faked to make it seem to come from Amazon. The look of the message copies the style used by Amazon and the wording is mostly lifted from the real Amazon appeal on their web site.

But the link in the email isn’t to the Amazon site. Instead it goes to another web site, though the link uses the Amazon web address in it to make the URL look more legitimate. Tracing the link takes us to the details for the “China Railway Telecommunications Center” in Beijing, which could be real or just a front.

As with other phishing scams, the link takes you to a site that looks legitimate and lures you into entering your account, password or credit card details.
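The check implied above, comparing the host a link really goes to with the brand the email names, as an added example that is not part of the original post. The post does not show the actual link, so the URLs below are constructed samples on reserved test names, and `classify_link` and its labels are hypothetical.

```python
from urllib.parse import urlsplit

def link_host(url):
    """Return the lowercase host a browser would connect to, or None."""
    try:
        host = urlsplit(url).hostname
    except ValueError:          # e.g. malformed bracketed host
        return None
    return host.rstrip(".").lower() if host else None

def host_belongs_to(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def classify_link(url, claimed_domain):
    """Compare where a link really goes with the brand the email claims."""
    host = link_host(url)
    if host is None:
        return "unparseable"
    if host_belongs_to(host, claimed_domain):
        return "matches"
    # The brand's address appears in the URL, but the host is someone else's.
    if claimed_domain in url.lower():
        return "lookalike"
    return "mismatch"

# Constructed sample links (reserved .test names and a documentation IP).
SAMPLE_LINKS = [
    "https://www.amazon.com/gp/help",                     # real host
    "http://www.amazon.com.donate.example.test/redcross", # brand as subdomain
    "http://203.0.113.9/www.amazon.com/katrina",          # brand in the path
    "http://www.amazon.com@phish.example.test/",          # brand as userinfo
    "http://notamazon.com/",                              # brand as a suffix
    "http://example.test/donate",                         # brand absent
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify_link(link, 'amazon.com'):<10} {link_host(link)}")
```

Only the first sample is reported as `matches`; every other link has the Amazon address somewhere in it while the host belongs to a different site.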

We picked this particular message as spam because it was sent to an address that we don’t use with Amazon; otherwise it would not have immediately rung any alarm bells. Having seen the messages on the real Amazon site, it looked sincere.



The moral of this story is to NEVER use links in email messages from banks, online stores etc. If an email prompts you to action, ignore the link in the email and enter the normal address (amazon.com, citibank.com, paypal.com, ebay.com etc.) in your browser. Anything you need should show up on the home page or after you log in to your account yourself.

For example, there are many phishing scams pretending to come from PayPal. They usually say there’s some security or other problem which needs to be fixed with a bogus link. If you think any such message might be real (almost certainly it won’t be real) then go to paypal.com and log in to your account (i.e. ignore the link in the email, even if it looks OK). When logging into your account, the PayPal system will automatically tell you of anything you need to do or update on your account.

Sadly there’s no point in complaining to the company being spoofed – it’s not their fault and there’s little they can do to stop messages going out in their name. The authorities might close the web link being used but by the time they’ve done that, people have been tricked and the baddies are long gone.

@ Donations Welcome
Of course, we’re not suggesting that you do not donate to the various appeals for victims of recent events. But you do have to be careful about any email solicitation like this and scams generally.

Amazon were quick to respond with a scheme to donate using your normal account details direct to the American Red Cross. Go here for details. Money will go direct to the American Red Cross.

The Salvation Army is doing their usual amazing job.
