Welcome Guest [Log In] [Register]
Welcome to The New Coffee Room. We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.


Join our community!


If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
Is this phishing?
Topic Started: Mar 13 2016, 06:43 PM (457 Views)
George K
Member Avatar
Finally
Got this email:

Quote:
 
Hello,

At Amazon we take your security and privacy very seriously. As part of our routine monitoring, we discovered a list of email address and password sets posted online. While the list was not Amazon-related, we know that many customers reuse their passwords on several websites. We believe your email address and password set was on that list. For your security, we have assigned a temporary password to your account.

You will need to reset your password when you return to the Amazon.com site. To reset your password, click "Your Account" at the top of any page on Amazon.com. On the Sign In page, click the "Forgot your password?" link to reach the Amazon.com Password Assistance page. After you enter your email or mobile phone number, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided.

Your new password will be effective immediately. We recommend that you choose a password that you have never used with any website.

Sincerely,

Amazon.com
http://www.amazon.com

Here's where it gets interesting:

I logged into my account through a new browser window, not using the links in the email using my OLD password, and it worked. Hmmm...seems they didn't reset my password after all. I changed it anyway (to something unique). Interestingly the email and all the links appear to be real Amazon links, and not a spoof.

http://amazon.com/ is the URL for all the links in the email.

Thoughts?
A guide to GKSR: Click

"Now look here, you Baltic gas passer... "
- Mik, 6/14/08


Nothing is as effective as homeopathy.

I'd rather listen to an hour of Abba than an hour of The Beatles.
- Klaus, 4/29/18
Offline Profile Quote Post Goto Top
 
jon-nyc
Member Avatar
Cheers
This woman claimed it was legit when it happened to her.

http://www.amazon.com/forum/kindle?_encoding=UTF8&cdForum=Fx1D7SY3BVSESG&cdThread=Tx1AY2Z1OHI02AT
In my defense, I was left unsupervised.
Offline Profile Quote Post Goto Top
 
jon-nyc
Member Avatar
Cheers
Of course that isn't definitive.
In my defense, I was left unsupervised.
Offline Profile Quote Post Goto Top
 
George K
Member Avatar
Finally
jon-nyc
Mar 13 2016, 06:51 PM
Quote:
 
Well Theresa - the easy way to tell was IF they actually changed your password for Amazon. Could you sign in on the Amazon site (here) with your old password? If so, it was BS

And I was able to sign in with my old password.
A guide to GKSR: Click

"Now look here, you Baltic gas passer... "
- Mik, 6/14/08


Nothing is as effective as homeopathy.

I'd rather listen to an hour of Abba than an hour of The Beatles.
- Klaus, 4/29/18
Offline Profile Quote Post Goto Top
 
jon-nyc
Member Avatar
Cheers
And she wasn't - read down the thread more.
In my defense, I was left unsupervised.
Offline Profile Quote Post Goto Top
 
George K
Member Avatar
Finally
jon-nyc
Mar 13 2016, 06:58 PM
And she wasn't - read down the thread more.
Yeah, I saw that.

Of course, that thread is about 5 years old, so who knows...
A guide to GKSR: Click

"Now look here, you Baltic gas passer... "
- Mik, 6/14/08


Nothing is as effective as homeopathy.

I'd rather listen to an hour of Abba than an hour of The Beatles.
- Klaus, 4/29/18
Offline Profile Quote Post Goto Top
 
Copper
Member Avatar
Shortstop
Yes, based on the word choices I think it is. The obvious broken English these guys use is getting better but it is still not what it should be.

"You will need to "

I don't care if it is correct usage or not. If I see "need to" anything I figure it is a foreign hacker.

"We recommend that you choose a password that you have never used with any website." I think that is kind of an unusual thing to say, at least in that context.

Check the source of the links in the email to see where they really go.

"After you enter your email or mobile phone number, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided. " I think that is strange, even if it is legit.



The Confederate soldier was peculiar in that he was ever ready to fight, but never ready to submit to the routine duty and discipline of the camp or the march. The soldiers were determined to be soldiers after their own notions, and do their duty, for the love of it, as they thought best. Carlton McCarthy
Offline Profile Quote Post Goto Top
 
George K
Member Avatar
Finally
Copper
Mar 13 2016, 07:03 PM
Check the source of the links in the email to see where they really go.
I did that, and they go to http://amazon.com/

Not www.amazon.com

And yes, the syntax is odd: "as part of our routine monitoring", for example.

"email address and password sets posted online"

A guide to GKSR: Click

"Now look here, you Baltic gas passer... "
- Mik, 6/14/08


Nothing is as effective as homeopathy.

I'd rather listen to an hour of Abba than an hour of The Beatles.
- Klaus, 4/29/18
Offline Profile Quote Post Goto Top
 
Red Rice
HOLY CARP!!!
Sign in, go to Your Account, then go to Message Center, and see if Amazon sent you that e-mail.
Civilisation, I vaguely realized then - and subsequent observation has confirmed the view - could not progress that way. It must have a greater guiding principle to survive. To treat it as a carcase off which each man tears as much as he can for himself, is to stand convicted a brute, fit for nothing better than a jungle existence, which is a death-struggle, leading nowhither. I did not believe that was the human destiny, for Man individually was sane and reasonable, only collectively a fool.

I hope the gunner of that Hun two-seater shot him clean, bullet to heart, and that his plane, on fire, fell like a meteor through the sky he loved. Since he had to end, I hope he ended so. But, oh, the waste! The loss!

- Cecil Lewis
Offline Profile Quote Post Goto Top
 
Copper
Member Avatar
Shortstop
"After you enter your email or mobile phone number, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided. "

Maybe they feed you this line hoping you go to the real Amazon.

Then they'll follow a day later with this email with the "personalized link" telling you to follow it.

Then they get you with the "personalized link".

The Confederate soldier was peculiar in that he was ever ready to fight, but never ready to submit to the routine duty and discipline of the camp or the march. The soldiers were determined to be soldiers after their own notions, and do their duty, for the love of it, as they thought best. Carlton McCarthy
Offline Profile Quote Post Goto Top
 
Axtremus
Member Avatar
HOLY CARP!!!
Check the email header ... may be clues there.
Good luck.
Offline Profile Quote Post Goto Top
 
Riley
Member Avatar
HOLY CARP!!!
Hmm if it's phishing I don't get what they could be doing if the link actually goes to Amazon.com.
Offline Profile Quote Post Goto Top
 
George K
Member Avatar
Finally
Red Rice
Mar 13 2016, 07:07 PM
Sign in, go to Your Account, then go to Message Center, and see if Amazon sent you that e-mail.
Interesting. No message there. They did acknowledge my password change, however.

Gets more interesting. D2 said that she got a spoof email from the email account I use at amazon.

Quote:
 
Hello!

New message, please read http://sokhandani.com/spent.php

(variation of my name here)


The "from" in that email shows a variation of the name I use at that account, but the domain is correct. So, instead of being "banana@mydomain.com" it shows "bananas@mydomain.com".

I've changed password on that account, by the way at GoDaddy.

Any thoughts?
Edited by George K, Mar 14 2016, 07:30 AM.
A guide to GKSR: Click

"Now look here, you Baltic gas passer... "
- Mik, 6/14/08


Nothing is as effective as homeopathy.

I'd rather listen to an hour of Abba than an hour of The Beatles.
- Klaus, 4/29/18
Offline Profile Quote Post Goto Top
 
Aqua Letifer
Member Avatar
ZOOOOOM!
George K
Mar 14 2016, 07:29 AM
Any thoughts?
You have Prime, yes?

I'd contact Amazon directly; they're usually pretty good about responding to Prime members. Definitely sounds like something's going on.
I cite irreconcilable differences.
Offline Profile Quote Post Goto Top
 
« Previous Topic · The New Coffee Room · Next Topic »
Add Reply