Go Back  Bike Forums > The Lounge > Foo
Reload this Page >

I just got an email from Amαzσn.cσm

Notices
Foo Light hearted off-topic chit chat with no general subject.

I just got an email from Amαzσn.cσm

Old 05-15-22, 02:31 PM
  #1  
TejanoTrackie 
Veteran Racer
Thread Starter
 
TejanoTrackie's Avatar
 
Join Date: Jul 2009
Location: Ciudad de Vacas, Tejas
Posts: 11,608

Bikes: 30 frames + 76 wheels

Mentioned: 25 Post(s)
Tagged: 0 Thread(s)
Quoted: 1095 Post(s)
Liked 463 Times in 272 Posts
I just got an email from Amαzσn.cσm

So, I just got an email from "Amαzσn.cσm" stating that my account has been disabled and I need to log in immediately to rectify the problem. Of course, this is a simple phishing email, which was sent to a long list of email addresses on the same domain, but what I find interesting is how they circumvented the check on the fake url by inserting Greek letters in place of the western alphabet. So, if you look closely, lower case a has been replaced with Greek alpha and lower case o has been replaced with Greek sigma. This is very clever, because a and α look almost the same, as well as o and σ. Normally, the scammers would do something like use Amazon.con, and hope the victim doesn't notice.
__________________
What, Me Worry? - Alfred E. Neuman

Originally Posted by Dcv View Post
I'd like to think i have as much money as brains.
I see the light at the end of the tunnel, but the tunnel keeps getting longer - me
TejanoTrackie is offline  
Old 05-15-22, 03:42 PM
  #2  
Rolla
Victimless Criminal
 
Rolla's Avatar
 
Join Date: Sep 2020
Posts: 2,567
Mentioned: 12 Post(s)
Tagged: 0 Thread(s)
Quoted: 1138 Post(s)
Liked 2,749 Times in 1,224 Posts
It's also an old trick to get around online forum naughty word filters, not that I would ever do such a thing.
Rolla is offline  
Old 05-15-22, 04:24 PM
  #3  
Seattle Forrest
Senior Member
 
Seattle Forrest's Avatar
 
Join Date: Mar 2010
Location: Seattle, WA
Posts: 22,948
Mentioned: 80 Post(s)
Tagged: 0 Thread(s)
Quoted: 17631 Post(s)
Liked 9,541 Times in 5,385 Posts
I get about one text a week saying my Chase or BofA or whatever account is frozen or there was activity in Alaska or Malaysia or something, and always, click here to fix it. I don't have an account with those banks but if you send enough fish, some of them will get a bite. And yeah they're getting more clever.
Seattle Forrest is offline  
Old 05-15-22, 09:25 PM
  #4  
veganbikes
Clark W. Griswold
 
Join Date: Mar 2014
Location: ,location, location
Posts: 10,049

Bikes: Foundry Chilkoot Ti W/Ultegra Di2, Salsa Timberjack Ti, Cinelli Mash Work RandoCross Fun Time Machine, 1x9 XT Parts Hybrid, Co-Motion Cascadia, Specialized Langster, Phil Wood Apple VeloXS Frame (w/DA 7400), R+M Supercharger2 Rohloff, Habanero Ti 26

Mentioned: 42 Post(s)
Tagged: 0 Thread(s)
Quoted: 2914 Post(s)
Liked 2,117 Times in 1,400 Posts
I bet those scam websites are hosted on the Billionaires servers, AWS, double scam 'em for max profits.
veganbikes is offline  
Old 05-15-22, 09:39 PM
  #5  
Hondo Gravel
Life Feeds On Life
 
Hondo Gravel's Avatar
 
Join Date: Jan 2018
Location: Hondo,Texas
Posts: 2,117

Bikes: Too many Motobecanes

Mentioned: 8 Post(s)
Tagged: 0 Thread(s)
Quoted: 3079 Post(s)
Liked 3,328 Times in 2,162 Posts
Originally Posted by TejanoTrackie View Post
So, I just got an email from "Amαzσn.cσm" stating that my account has been disabled and I need to log in immediately to rectify the problem. Of course, this is a simple phishing email, which was sent to a long list of email addresses on the same domain, but what I find interesting is how they circumvented the check on the fake url by inserting Greek letters in place of the western alphabet. So, if you look closely, lower case a has been replaced with Greek alpha and lower case o has been replaced with Greek sigma. This is very clever, because a and α look almost the same, as well as o and σ. Normally, the scammers would do something like use Amazon.con, and hope the victim doesn't notice.
yup same here not exactly at the same time but a few days back. When I sign on to my Amazon account I get an email asking if this is you. If so ignore it, if not change your password immediately and inform us.
Hondo Gravel is offline  
Old 05-16-22, 09:57 AM
  #6  
genec
genec
 
genec's Avatar
 
Join Date: Sep 2004
Location: West Coast
Posts: 27,019

Bikes: custom built, sannino, beachbike, giant trance x2

Mentioned: 73 Post(s)
Tagged: 0 Thread(s)
Quoted: 12532 Post(s)
Liked 3,962 Times in 2,742 Posts
Originally Posted by Seattle Forrest View Post
I get about one text a week saying my Chase or BofA or whatever account is frozen or there was activity in Alaska or Malaysia or something, and always, click here to fix it. I don't have an account with those banks but if you send enough fish, some of them will get a bite. And yeah they're getting more clever.
Yup. Just got one from "Netflix" saying my subscription is suspended... with the "click here."

Funny... I don't have a Netflix account.

Worked for a company that did fake spam tests about once a quarter... My office mate exclaimed one day: "Oh my, my Netflix account is suspended." Before she clicked on the link, I asked... "So when did you give Netflix your work email?" The light suddenly went on.

No doubt these phishing schemes work... some folks just fail to think through what comes in via text or email.
genec is offline  
Old 05-16-22, 10:32 AM
  #7  
TejanoTrackie 
Veteran Racer
Thread Starter
 
TejanoTrackie's Avatar
 
Join Date: Jul 2009
Location: Ciudad de Vacas, Tejas
Posts: 11,608

Bikes: 30 frames + 76 wheels

Mentioned: 25 Post(s)
Tagged: 0 Thread(s)
Quoted: 1095 Post(s)
Liked 463 Times in 272 Posts
Originally Posted by genec View Post
Funny... I don't have a Netflix account.
Of course you don't, but many people do and these spam emails are sent to large stolen mailing lists, so odds are there are plenty of recipients who do have a particular account. So, I don't have a Chase account but I do have an Amazon account, and am therefore a potential target. Now, there are many other obvious indicators that this phishing spam, such as the nonsense email address of the sender that can be seen by hovering over the From field.

I should point out that this only happens on my old cable ISP email account that is over twenty years old, and has absolutely no spam filtering.
__________________
What, Me Worry? - Alfred E. Neuman

Originally Posted by Dcv View Post
I'd like to think i have as much money as brains.
I see the light at the end of the tunnel, but the tunnel keeps getting longer - me
TejanoTrackie is offline  
Old 05-16-22, 10:34 AM
  #8  
zandoval 
Senior Member
 
zandoval's Avatar
 
Join Date: May 2010
Location: Bastrop Texas
Posts: 3,246

Bikes: Univega, Peu P6, Peu PR-10, Ted Williams, Peu UO-8, Peu UO-18 Mixte, Peu Dolomites

Mentioned: 5 Post(s)
Tagged: 0 Thread(s)
Quoted: 495 Post(s)
Liked 739 Times in 486 Posts
Wonder if you could use this method for more secure Pass Words?
__________________
No matter where your at... There you are... Δf:=f(1/2)-f(-1/2)
zandoval is offline  
Old 05-16-22, 10:37 AM
  #9  
Polaris OBark
Dirt Roadie
 
Polaris OBark's Avatar
 
Join Date: Jan 2022
Posts: 1,233
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 645 Post(s)
Liked 822 Times in 498 Posts
Originally Posted by zandoval View Post
Wonder if you could use this method for more secure Pass Words?
Most are limited to the ASCII character set.
Polaris OBark is offline  
Likes For Polaris OBark:
Old 05-16-22, 10:39 AM
  #10  
genec
genec
 
genec's Avatar
 
Join Date: Sep 2004
Location: West Coast
Posts: 27,019

Bikes: custom built, sannino, beachbike, giant trance x2

Mentioned: 73 Post(s)
Tagged: 0 Thread(s)
Quoted: 12532 Post(s)
Liked 3,962 Times in 2,742 Posts
Originally Posted by TejanoTrackie View Post
Of course you don't, but many people do and these spam emails are sent to large stolen mailing lists, so odds are there are plenty of recipients who do have a particular account. So, I don't have a Chase account but I do have an Amazon account, and am therefore a potential target. Now, there are many other obvious indicators that this phishing spam, such as the nonsense email address of the sender that can be seen by hovering over the From field.

I should point out that this only happens on my old cable ISP email account that is over twenty years old, and has absolutely no spam filtering.
Oh sure, that's why phishing works... but the real issue is that folks don't think before they click.

My 86 year old mother gets the last laugh when she gets spam phone calls... she doesn't have a credit card, nor Netflix, nor a computer, nor email... yet the "clowns" out there call her and tell her that her computer is infected or her credit card is suspended, etc. And she gets entertained by letting these fools run their whole scheme before she tells them she has "none of the above." She feels she is doing the public some good by tying them up for a bit.
genec is offline  
Likes For genec:
Old 05-16-22, 10:49 AM
  #11  
caloso
Senior Member
 
caloso's Avatar
 
Join Date: Jul 2002
Location: Sacramento, California, USA
Posts: 40,733

Bikes: Specialized Tarmac, Canyon Exceed, Specialized Transition, Ellsworth Roots, Ridley Excalibur

Mentioned: 68 Post(s)
Tagged: 0 Thread(s)
Quoted: 2893 Post(s)
Liked 2,919 Times in 1,342 Posts
Originally Posted by TejanoTrackie View Post
So, I just got an email from "Amαzσn.cσm" stating that my account has been disabled and I need to log in immediately to rectify the problem. Of course, this is a simple phishing email, which was sent to a long list of email addresses on the same domain, but what I find interesting is how they circumvented the check on the fake url by inserting Greek letters in place of the western alphabet. So, if you look closely, lower case a has been replaced with Greek alpha and lower case o has been replaced with Greek sigma. This is very clever, because a and α look almost the same, as well as o and σ. Normally, the scammers would do something like use Amazon.con, and hope the victim doesn't notice.
Interesting. I wonder if you could do the same with Cyrillic characters since many are identical to Roman.
caloso is offline  
Old 07-02-22, 03:01 PM
  #12  
Hondo Gravel
Life Feeds On Life
 
Hondo Gravel's Avatar
 
Join Date: Jan 2018
Location: Hondo,Texas
Posts: 2,117

Bikes: Too many Motobecanes

Mentioned: 8 Post(s)
Tagged: 0 Thread(s)
Quoted: 3079 Post(s)
Liked 3,328 Times in 2,162 Posts
A few years back I fell for a fake Pay Pal e mail but luckily I noticed right away. Went to my Pay Pal account and changed my password immediately.
Hondo Gravel is offline  
Old 07-05-22, 10:02 PM
  #13  
Seattle Forrest
Senior Member
 
Seattle Forrest's Avatar
 
Join Date: Mar 2010
Location: Seattle, WA
Posts: 22,948
Mentioned: 80 Post(s)
Tagged: 0 Thread(s)
Quoted: 17631 Post(s)
Liked 9,541 Times in 5,385 Posts
Originally Posted by genec View Post
Oh sure, that's why phishing works... but the real issue is that folks don't think before they click.
There is also something called spear fishing. Where a person reads your LinkedIn, Facebook, and everything else they can find about you online, then writes an email directly to you. It might say they're a startup and need to hire for a role similar to something you've done in the past, click to RSVP for an interview. Or you'll get an email from somebody who says they have the same bike as you, and did yours ever develop a creaking sound from the bottom bracket?

Spear fishing is a lot less common than "your account was close 4 suspicious activists" but the success rate is a lot higher. That's one of the ways people get into networks they shouldn't be in.

Use MFA whenever you can (if it makes sense to).
Seattle Forrest is offline  
Likes For Seattle Forrest:
Old 07-06-22, 09:58 AM
  #14  
TejanoTrackie 
Veteran Racer
Thread Starter
 
TejanoTrackie's Avatar
 
Join Date: Jul 2009
Location: Ciudad de Vacas, Tejas
Posts: 11,608

Bikes: 30 frames + 76 wheels

Mentioned: 25 Post(s)
Tagged: 0 Thread(s)
Quoted: 1095 Post(s)
Liked 463 Times in 272 Posts
Originally Posted by Seattle Forrest View Post
There is also something called spear fishing. Where a person reads your LinkedIn, Facebook, and everything else they can find about you online, then writes an email directly to you. It might say they're a startup and need to hire for a role similar to something you've done in the past, click to RSVP for an interview. Or you'll get an email from somebody who says they have the same bike as you, and did yours ever develop a creaking sound from the bottom bracket?

Spear fishing is a lot less common than "your account was close 4 suspicious activists" but the success rate is a lot higher. That's one of the ways people get into networks they shouldn't be in.

Use MFA whenever you can (if it makes sense to).
I don't get spear fishing emails because I don't have any social media accounts. I also don't respond to surveys. But, yeah, I do use MFA a lot, especially on financial accounts.
__________________
What, Me Worry? - Alfred E. Neuman

Originally Posted by Dcv View Post
I'd like to think i have as much money as brains.
I see the light at the end of the tunnel, but the tunnel keeps getting longer - me
TejanoTrackie is offline  
Old 07-06-22, 10:37 AM
  #15  
DiabloScott
It's MY mountain
 
DiabloScott's Avatar
 
Join Date: Sep 2006
Location: Mt.Diablo
Posts: 9,577

Bikes: Klein, Merckx, Trek

Mentioned: 65 Post(s)
Tagged: 0 Thread(s)
Quoted: 3496 Post(s)
Liked 1,834 Times in 996 Posts
Originally Posted by caloso View Post
Interesting. I wonder if you could do the same with Cyrillic characters since many are identical to Roman.

There are different ASCII codes for letters that appear to be the same.

ABC in English vs "ABC" in Cyrillic (which of course is AVS)
Different programs and apps have different ways of dealing with this.
BF doesn't allow foreign characters, and it won't allow me to type "ABC" using Cyrillic.
Email and other scam tools don't seem to have this issue.
But if you paste ABC in Cyrillic into Google, you'll get hits for ABC news first, and Russian pages way down the list.
Here, try it: LINK
DiabloScott is offline  
Old 07-10-22, 05:48 AM
  #16  
jessyrich
Newbie
 
Join Date: Jul 2022
Posts: 16
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
Likes: 0
Liked 4 Times in 3 Posts
There are so many different scams everywhere now. You can check amazon prime video service number on this website and discuss all the issues you have. Maybe they have some tips how to avoid being scammed in the future. I usually don't open suspicious emails, but as someone mentioned already, some of them look pretty normal and it is very difficult to recognize a scam straight.

Last edited by jessyrich; 07-21-22 at 04:12 AM.
jessyrich is online now  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information -

Copyright 2021 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.