Shallow Thoughts

Akkana's Musings on Open Source, Science, and Nature.

Tue, 24 Oct 2006

New "Amabot" Phishing Scam Spoofing Amazon

I get tons of phishing scam emails spoofing Amazon. You know, the ones that say "Your Amazon account may have been compromised: please click here to log in and verify your identity", and if you look at the link, it goes to http://123.45.67.8/morestuff instead of http://www.amazon.com/morestuff. I get lots of similar phishing emails spoofing ebay and various banks.

But yesterday's was different. The URL was this:
http://www.amazon.com/gp/amabot/?pf_rd_url=http://211.75.237.149/%20%20/amazon/xec.php?cmd=sign-in

Check it out: they're actually using amazon.com, and Amazon has a 'bot called amabot that redirects you to somewhere else. Try this, for example: http://www.amazon.com/gp/amabot/?pf_rd_url=http://bn.com -- you start on Amazon's site and end up at Barnes & Noble.

When a family member got tricked by a phish email a few months ago (fortunately she became suspicious and stopped before revealing anything important) I gave her a quick lesson in how URLs work and how to recognize the host part. "If the host part isn't what you think it should be, it's probably a scam," I told her. That's pretty much the same as what Amazon says (#6 on their "Identifying Phishing or Spoofed E-mails" page). I guess now I need to teach her how to notice that there's another URL embedded in the original one, even when the original one goes to the right place. That's a bit more advanced. I suspect a lot of anti-phishing software uses the same technique and wouldn't have flagged this URL.

I reported the phish to Amazon (so far, just an automated reply, but it hasn't been very long). I hope they look into this use of their amabot and consider whether such a major phishing target really needs a 'bot that can redirect anywhere on the net.

Tags: , ,
[ 10:34 Oct 24, 2006    More tech/web | permalink to this entry ]

Sun, 01 Oct 2006

Frisky Fall Squirrelets

The cool, overcast fall weather is here (first rain of the season, too), and it's amazing how much difference it makes in the squirrels' behavior and appetites. They're hungry again! Just as Notch dropped from thirteen or fifteen nuts in a day last winter to one or two during summer (of course, she probably has plenty of other food sources aside from us), now that fall is here we had to make an emergency run to the nut store to satisfy the hordes.

The kids, Chiquita and Scrape (as Dave took to calling Ringlet after she got a scrape on her shoulder), are friskier in addition to being hungrier. Today Scrape spent most of the morning running up and down the guava tree, bounding in the air or doing front-flips for no reason, and starting tussles with Chiquita. When not tussling with her sibling, Chiquita spent most of the morning eating -- she's noticably bigger than Scrape and it's not hard to see why.

Ringtail drops by periodically to check on how the kids are doing in day care. Then she'll dig up a nut and move on. She never lingers. We try to feed her, but she has an amazing inability to see food even when she's standing right on top of it. She looks sleek and robust, so I guess she's getting plenty to eat somewhere else, but watching her nose around and still miss a nut right in front of her face, I sometimes wonder how she survives.

Notch usually doesn't drop by until afternoon, and seems to avoid the kids. Squirrels must have inhibitions about fighting youngsters (even those not their own), since she's never been hesitant to chase away any interloping adult squirrel. It'll be interesting to see how long the truce lasts between Notch and Ringtail's kids -- and how long the kids will stick together before going their separate ways.

Tags: , ,
[ 15:20 Oct 01, 2006    More nature/squirrels | permalink to this entry ]