Received an Amazon email about a survey. Asked Amazon about the survey, rep said they have no record of sending me an email. For my own curiosity I copied some of the amazon hypertext links in the email and checked them out with virus total. Here’s the info for the hypertext link “Amazon Customer Service Help page”
So you checked it out? Is it an Amazon survey? Can one be sure the survey isn’t some kind of phishing scheme itself?
Thanks.
N
I wanted to add that the email says it comes from Amazon.comstore-news@amazondtcom which apparently is a legit email and when I hover over the Amazon.com it also says the email address is store-news@amazondotcom. Can a phisher forge a real email address like this?
If you are in any doubt about its authenticity, save yourself a lot of time and delete it. I never respond to unsolicited email and this includes any surveys even if legit as I didn’t ask for it.
As far as Phishing emails go, are generally going to try and trick/scare you into giving out personal/security information. They usually have a link that whilst it appears to be for the site (in the subject of the email), but the underlying url will be for somewhere else.
Most likely they are going to try to get your banking details user and password, etc. No bank is going to ask you for that. Fear is what phishing email rely on, so you aren’t acting rationally.
I had one only a few days ago purporting to come from a bank that I use, it said that my account was restricted because of unusual activity, etc. etc. They wanted me to logon (via their link) to my account and because of the scare tactic many will do as is asked. I picked it up in my anti-spam software and it didn’t take long to see it wasn’t legit and was deleted at server level and never downloaded to my system.
For me I never spend much time trying determine its nature, if it is unsolicited email its flagged as spam (to train the anti-spam application) and then it is gone.
Something else to be ware of in unsolicited emails, they may have images, etc. and these have to be imported (they aren’t embedded in the email). The act of being imported gives them information, a) that the email address is active and b) the recipient opened it.
These show they have a live person that is prepared to open the email, so your email will be sold on to other lists, more spam and or possible phishing attempts.
Okay, so I emailed an Amazon rep and she wrote back telling me they have no record of sending me such an email. I emailed absolutdata and we’ll see what they have to say.
My last question that maybe someone can answer is why the URL in the email link for the “About Amazon Customer Email Surveys” page has &ref_=pe_2619750_215246050 added to its tail as opposed to that page’s URL when arrived at by a Google search/hit:
So now you’ve confirmed to a whole bunch of folks that you’re a real person and you respond to email that’s basically crap.
Unsolicited email should never be answered. It’s trash. It’s hoping to find a victim. Don’t become one.
If it wasn’t something you asked for, throw it out.
One of the great things about Gmail is it’s ability to filter out almost all of this crap. It winds up in the Spam folder where it belongs.
Okay, so both of those pages are the same, not like a spoof page?
And I hear you. I always just toss a suspicious email but this one was so well done it caught my curiosity. Many times you can see the email is not from who is claimed or the text has simple grammatical errors but not here.
The “from” in a email doesn’t say a thing.
I can send you a email that appears to be coming from your own email address (if I wanted to do so ofcourse)
If you want to check where a email comes from, check the headers.
Gmail does allow me to “show original” where I can see data like Message ID, IP, received from, etc. although I suspect someone could fake some of that?
The virustotal site doesn’t actually scan sites for viruses in real-time (but checks various blacklists), so that isn’t a guarantee that it is ‘clean.’