Are others seeing an increase in phishing emails?

donheff

donheff

Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Joined
Feb 20, 2006
Messages
11,331
Location
Washington, DC
I have seen a large increase in phishing emails purporting to "confirm" a cancellation of an Amazon order, announcing that my Paypal account update is available online, etc. All of these messages have links to go to the site and login typically using bizzaro world URLs containing the actual site name (e.g. amazon.com) followed by some strange concoction of characters that will undoubtedly direct you to evil server in Ubickybickystan.

I NEVER click on emails purporting to offer links to my accounts but these cancellation emails can be particularly tempting to act on if they happen to appear shortly after you have made a transaction. I think of some of my relatives and wonder if they could resist.

Anyone else noticed an increase in these? I have seen it in my Yahoo account but not Gmail. Maybe I just got my address added to some bad guy's sucker list.
 
Have you checked your gmail spam filter? I've seen these (amazon) in my gmail account, they got past the filter. Spammers are always looking for a way to get to the 0.01% of people who actually do e-dumb things like click on the links and then give personal data.
 
For the past month or so, I get one or two every day in my Yahoo e-mail (usually goes to spam but sometimes in the main inbox). I never get them in my gmail email, which makes me wonder if (a) is gmail better at just bouncing them so I never see them, or (b) did someone hack into Amazon and steal the addresses, as I've only used my Yahoo e-mail to order from Amazon.
 
MichaelB said:
Have you checked your gmail spam filter? I've seen these (amazon) in my gmail account, they got past the filter.
Click to expand...

Bestwifeever said:
For the past month or so, I get one or two every day in my Yahoo e-mail (usually goes to spam but sometimes in the main inbox).
Click to expand...
Like Bestwifeever, I am only seeing them in Yahoo, not Gmail. I haven't identified any of the messages as spam because they use a legitimate domain name in the email header. I don't want to identify everything coming from amazon.com as spam.
 
Bestwifeever said:
For the past month or so, I get one or two every day in my Yahoo e-mail (usually goes to spam but sometimes in the main inbox). I never get them in my gmail email, which makes me wonder if (a) is gmail better at just bouncing them so I never see them, or (b) did someone hack into Amazon and steal the addresses, as I've only used my Yahoo e-mail to order from Amazon.
Click to expand...
I've recently seen the same thing - Amazon phishing messages in my Yahoo mail but not gmail. Yahoo has only let one slip through the spam filter though...
 
Yes.

It used to be just spam but now phishing too. These are getting through the Yahoo spam filter.

I send them straight to the spam folder and dump it often.
 
Yes, huge increase in the last couple of weeks. I have my Yahoo spam filter mark suspected spam and forward it to me via Thunderbird. That way I don't miss legitimate emails. I used to get a few spam a week, now it is dozens a day.
 
Yes, I've noticed them....both in my gmail Inbox and the Spam box.

I then go to the REAL site and see if they are interested in receiving such spam/phisihing emails . Some are. In that case, I forward the email to them.

omni
 
donheff said:
I have seen a large increase in phishing emails purporting to "confirm" a cancellation of an Amazon order,
Click to expand...

Thank you for mentioning this one! I got it yesterday in my AOL email and deleted it, but wondered if it was real or not. I really should start using my gmail account more (but everyone has my AOL email and I am lazy).
 
I have received both the Amazon and Paypal phishing emails in the past.

I have Spoofstick (SpoofStick Home) installed on my pc so if I have doubt on a url, I check the Spoofstick result as an extra verification.
 
W2R said:
Thank you for mentioning this one! I got it yesterday in my AOL email and deleted it, but wondered if it was real or not. I really should start using my gmail account more (but everyone has my AOL email and I am lazy).
Click to expand...

Maybe you could set up an automatic reply on your AOL account that either says "contact me on my new gmail account at whatever@gmail..." or if you don't want that out there "call me for my new email address if you're someone that should really have it." Maybe that's a good "lazy" way to make the transition. I love my gmail!
 
panacea said:
Maybe you could set up an automatic reply on your AOL account that either says "contact me on my new gmail account at whatever@gmail..." or if you don't want that out there "call me for my new email address if you're someone that should really have it." Maybe that's a good "lazy" way to make the transition. I love my gmail!
Click to expand...

I am quite familiar with auto-responses, since we used them at work when on leave.

So how do the multitude of businesses sending me auto-reminders or who want my e-mail for unknown reasons, handle auto-responses like that? :)

I did make a list of everyone who contacted me via that e-mail for a year, before we cancelled our move to Missouri (since my AOL email has my location in it and I would be forced to switch). I just need to get busy and do something with it.

This is all too much work. I'm going back to posting. :LOL:
 
Last edited:
My main mail provider uses Postini so I never get spam delivered. But I have to empty Postini out twice a day. I never get spam in gmail.
 
donheff said:
I have seen a large increase in phishing emails purporting to "confirm" a cancellation of an Amazon order, announcing that my Paypal account update is available online, etc.

Anyone else noticed an increase in these? I have seen it in my Yahoo account but not Gmail. Maybe I just got my address added to some bad guy's sucker list.
Click to expand...

My Yahoo e-mail gets two or three of these a day in the spam folder. Started a couple weeks ago. Occasionally one shows up in the inbox but I just flag it as spam.

These things seem to run in cycles along with the "male enhancement" and Canadian pharmacy spams. Must be the phases of the moon or something like that...
 
For those marking this phishing expeditions as spam do you stop getting legitimate emails from the domain in question? My Amazon frauds have spoofed @amazon.com in the from address. Since my yahoo address is the one I use for commercial junk I don't want to block confirmation emails, shipment notices and the like.
 
DW received one of these a couple of weeks ago. Since she has neither an Amazon nor PayPal account, she just marked it as "junk" on her Hotmail account.

While she uses a global mail account (e.g. Hotmail) since she links her Hotmail calander to her Windows smart phone, I could see that the activity could be only on global email subscribers.

As for myself? I only use my ISP's mail (Verizon, with worldwide access) and have yet to see such an "attack", FWIW...
 
Last edited:
W2R said:
So how do the multitude of businesses sending me auto-reminders or who want my e-mail for unknown reasons, handle auto-responses like that? :)
Click to expand...

Yes, there is that! I guess there is no really easy way.
 
donheff said:
For those marking this phishing expeditions as spam do you stop getting legitimate emails from the domain in question? My Amazon frauds have spoofed @amazon.com in the from address. Since my yahoo address is the one I use for commercial junk I don't want to block confirmation emails, shipment notices and the like.
Click to expand...

I ordered something from Amazon last week and the confirmation e-mails did not go to my spam folder, unlike the phishing fake Amazon.com e-mails. So Yahoo's spam filter must read "invisible" info in the e-mail sender to be able to let the bona fides come through to the regular e-mail folder.
 
I received these from Amazon and PayPal as well. AOL did a good job of placing them neatly in my Spam folder. I find that AOL's spam filter is a saving grace for AOL.
 
Bestwifeever said:
I ordered something from Amazon last week and the confirmation e-mails did not go to my spam folder, unlike the phishing fake Amazon.com e-mails. So Yahoo's spam filter must read "invisible" info in the e-mail sender to be able to let the bona fides come through to the regular e-mail folder.
Click to expand...

At least to this point amazon itself uses different email addresses than the spamers/fishers. Orders come from auto-confirm, while shipment notifications come ship-confirm. The fishers so far are from order-update. BTW if you just mouse over the links in these messages you can see the linked address, and it is a bizzare one.
 
I have been getting amazon "cancellations" and youtube notices in my yahoo e-mail. I don't use that e-mail for amazon orders so I don't think it's related to amazon. I don't post to youtube so I don't think it's related to youtube.
I also get cancellation notices for Yahoo e-mail so I'm guessing it's related to Yahoo. Started regularly the last few wks.
 
I've also been receiving emails from Verizon regarding my account and the money I owe them. A huge tip-off is: I don't have an account with Verizon.

omni
 
meierlde said:
At least to this point amazon itself uses different email addresses than the spamers/fishers. Orders come from auto-confirm, while shipment notifications come ship-confirm. The fishers so far are from order-update. BTW if you just mouse over the links in these messages you can see the linked address, and it is a bizzare one.
Click to expand...

That's what triggers most anti-phishing spam filters. The friendly looking URL in the message is really just a text hyperlink, with the actual HTTP address going someplace weird. Oh, sure it SAYS amazon.com, but the actual address is something weird like http :// 192.168.255.255/drevil/bad//stuff.

Spam filters and antivirus code like ClamAV check for these pseudo-URLs in the mail message source code and can flag or destroy the bad messages.
 
meierlde said:
. BTW if you just mouse over the links in these messages you can see the linked address, and it is a bizzare one.
Click to expand...

Thanks for this tip. I expected the address to pop up when I moused over the link so thought it wasn't working until I realized it was at the bottom of screen. .............so if the first part is legit like amazon. com but the rest looks like xyz,,,,,,,,## does that mean it's ok?
 
kaneohe said:
Thanks for this tip. I expected the address to pop up when I moused over the link so thought it wasn't working until I realized it was at the bottom of screen. .............so if the first part is legit like amazon. com but the rest looks like xyz,,,,,,,,## does that mean it's ok?
Click to expand...
No, they can include the amazon.com part and still redirect you to badland. The safest thing to do when you want to followup on any email notice is to enter the site URL directly in your browser address bar. I vaguely recall reading that scripts in messages could display legitimate URLs on rollover but still send you to other places when you activate the link. I think the browsers may have corrected for that by displaying the redirect portion as well (the xyz,,,,,## you mentioned).
 
You must log in or register to reply here.

Similar threads

Mr._Graybeard
I got phished
2 3 4
Replies
85
Views
5K
isisdave
I
PaunchyPirate
Helping an elderly parent stay on top of their financial accounts
Replies
24
Views
935
1242Vintage
1
Janet H
Forum Update - We're back! Ask your questions here.
3 4 5
Replies
121
Views
2K
USGrant1962
USGrant1962
Janet H
Forum Downtime - software update scheduled April 23/24
2
Replies
36
Views
1K
Out of Steam
Out of Steam
A
favorite email client app for Apple MAC??
Replies
18
Views
635
Rianne
Rianne

Latest posts

Back
Top Bottom