We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide

WARNING: Amazon phishing e-mail

Ruth
Ruth Posts: 12 Forumite
in Shop but don't drop
I've just seen a reference to the fraudsters starting to use fake Amazon e-mails as a way to steal bank details (and hence money) - please be aware of this risk!

http://www.cashquestions.com/forum/showthread.php?p=21900

Regards

Ruth

Comments

  • Labasheedy
    Labasheedy Posts: 205 Forumite
    thanks Ruth, It's a clever one
    I started off with nothing and I've still got most of it left.
  • greenwich
    greenwich Posts: 8,044 Forumite
    1,000 Posts Combo Breaker
    Labasheedy wrote:
    thanks Ruth, It's a clever one
    Very clever. I clicked on the fake Amazon link just to see what it does. I was presented with what looks like the normal Amazon login page. I entered some totally made-up login information and pressed the "sign in via our secure server" button. It didn't go through a secure connection (https), just the normal one (http). Instead of rejecting my invalid login, it just put up a page asking for my credit card details and - wait for it- my PIN!

    I then pressed one of the fake Amazon links on the page and to my amazement it came back with my name, just like Amazon do when I go to their site, and showed recommendations for books similar to ones I have bought from the real Amazon. Obviously it's read the cookie that the real Amazon stores on my PC. I pressed the "Add to cart" button for a book and it put the book in my shopping cart. Wow. These guys have made a complete fake Amazon website. I guess the difference is that they don't actually send you any books for your money.

    The Chinese are obviously so much better at this than the Nigerians! :eek:
    Eh?? I give up!! Towel is getting thrown in here! :D
  • Ruth
    Ruth Posts: 12 Forumite
    No, what they've done is what phishers commonly done - all the links on the site are to the genuine Amazon site, and that's how it knows your name etc. It's the genuine Amazon site reading the cookie, not the false site. The links all correctly begin https://www.amazon.com/ etc.

    And the site's just as likely to be run by Nigerians as Chinese - it's just that they've hosted it in China because the Chinese are (presumably) pretty useless at closing down scam sites.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 353.7K Banking & Borrowing
  • 254.2K Reduce Debt & Boost Income
  • 455.1K Spending & Discounts
  • 246.8K Work, Benefits & Business
  • 603.2K Mortgages, Homes & Bills
  • 178.2K Life & Family
  • 260.8K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture