By Pepper Parr
BURLINGTON, ON April 27, 2012 One of the things about crooks and thieves is that when they come across a good idea that pulls in all kinds of suckers, they use it over and over and over. They will quit only when people stop responding to the scam.
With cyber-crime there is little risk – the people doing much of this cyber identity theft are on the other side of the world and while international level police forces are getting better at pursuing and catching them – it is going to be a long time before we see any arrests. One defence is software we can use to filter them out – but the best defence is checking everything that comes to your screen.
My wife goes over the tape the supermarket cashier gives her – it would never occur to me to look at the take; it`s all bar coded isn’t it – so where could anything go wrong. Well bar codes aren’t perfect.
The face you think you see - the email address you think you see - may not be coming from the people you think it is coming from. Watch carefully every time.
Earlier this week we alerted you to a scam we came across – turns out that this good idea has been taken up by others and now Amazon and Twitter are being exploited.
We got the following related to our Twitter account:
Our system detected unusual activity associated with your account.
Your account may be temporarily suspended for violations of the Twitter Rules.
We suspend accounts for investigation if we suspect an account has been hacked or compromised.
You need to confirm your email address to regain access to your account.
Once you regain access, you will be able to request a new password for your Twitter account.
You can find information on following automations and permitted following behaviors on the help page:
https://support.twitter.com/
The email address this message came from was
Twitter <c-nfxzlxr=znvy-ba.hf-ae0dc@postmaster.twitler.com
Take a careful look at that address – notice they have spelled Twitter as twitler – and that my friends is not the same.
Also the use of English is awkward and that is always a tell tale sign.
We have a Twitter account – we don`t use it very much – so undue activity was the first clue, but had we been using the Twitter account heavily we just may have responded. With the cyber crooks out there ready to do anything they can to steal your identity, you do need to be vigilant.
The same day we got a notice about our Amazon account. We have in the past bought items from Amazon but recently we have supported the local bookstore – A Different Drummer – so we know the Amazon notice was a fake as well. Here is what we got from them:
We received a request to reset the password associated with this e-mail address. Please follow the instructions below.
Click the link below to complete or cancel request using our secure server:
https://www.amazon.com/ap/forgotpassword?arb=84a424dc-5467-b5de-c0a4-8e65672465a4
If clicking the link doesn’t seem to work, you can copy and paste the link into your browser’s address window, or retype it there.
Amazon.com will never e-mail you and ask you to disclose or verify your Amazon.com password, credit card, or banking account number. Thanks for visiting Amazon.com!
Sounds pretty legitimate. But take a careful look at the way amazon is spelled in the domain name part of the email address they used.
See the double m.
Amazon.com account-update@amazomm.com
I don’t think that is Amazon trying to tell me something. I think those guys are crooks trying to get information from me.
What do you think?