I get tons of phishing scam emails spoofing Amazon. You know, the
ones that say "Your Amazon account may have been compromised: please
click here to log in and verify your identity", and if you look at the
link, it goes to
http://123.45.67.8/morestuff instead of
http://www.amazon.com/morestuff. I get lots of similar phishing
emails spoofing ebay and various banks.
But yesterday's was different. The URL was this:
http://www.amazon.com/gp/amabot/?pf_rd_url=http://211.75.237.149/%20%20/amazon/xec.php?cmd=sign-in
Check it out: they're actually using amazon.com, and Amazon has a 'bot
called amabot that redirects you to somewhere else. Try this, for
example:
http://www.amazon.com/gp/amabot/?pf_rd_url=http://bn.com
-- you start on Amazon's site and end up at Barnes & Noble.
When a family member got tricked by a phish email a few months ago
(fortunately she became suspicious and stopped before revealing
anything important)
I gave her a quick lesson in how URLs work and how to recognize the
host part. "If the host part isn't what you think it should be,
it's probably a scam," I told her. That's pretty much the same as what
Amazon says (#6 on their "Identifying Phishing or Spoofed E-mails"
page). I guess now I need to teach her how to notice
that there's another URL embedded in the original one, even when the
original one goes to the right place. That's a bit more advanced.
I suspect a lot of anti-phishing software uses the same technique and
wouldn't have flagged this URL.
I reported the phish to Amazon (so far, just an automated reply, but
it hasn't been very long). I hope they look into this use of their
amabot and consider whether such a major phishing target really needs
a 'bot that can redirect anywhere on the net.
Tags: tech, web, security
[
11:34 Oct 24, 2006
More tech/web |
permalink to this entry |
]
The cool, overcast fall weather is here (first rain of the season,
too), and it's amazing how much difference it makes in the squirrels'
behavior and appetites. They're hungry again!
Just as Notch dropped from thirteen or fifteen nuts in
a day last winter to one or two during summer (of course, she probably
has plenty of other food sources aside from us), now that fall is here
we had to make an emergency run to the nut store to satisfy the hordes.
The kids, Chiquita and Scrape (as Dave took to calling Ringlet
after she got a scrape on her shoulder), are friskier in addition to
being hungrier. Today Scrape spent most of the morning running up and
down the guava tree, bounding in the air or doing front-flips for no
reason, and starting tussles with Chiquita. When not tussling with her
sibling, Chiquita spent most of the morning eating -- she's noticably
bigger than Scrape and it's not hard to see why.
Ringtail drops by periodically to check on how the kids are doing
in day care. Then she'll dig up a nut and move on. She never lingers.
We try to feed her, but she has an amazing inability to see food even
when she's standing right on top of it. She looks sleek and robust, so
I guess she's getting plenty to eat somewhere else, but watching her
nose around and still miss a nut right in front of her face, I
sometimes wonder how she survives.
Notch usually doesn't drop by until afternoon, and seems to avoid the kids.
Squirrels must have inhibitions about fighting youngsters (even those
not their own), since she's never been hesitant to chase away any
interloping adult squirrel. It'll be interesting to see how long the
truce lasts between Notch and Ringtail's kids -- and how long the
kids will stick together before going their separate ways.
Tags: nature, squirrels, urban wildlife
[
16:20 Oct 01, 2006
More nature/squirrels |
permalink to this entry |
]
![[RSS feed]](https://shallowsky.com/images/logos/rssicon-25x25.png){kind=small}
![[Twitter]](https://shallowsky.com/images/logos/twitter-bird-white-on-blue-25x25.png){kind=small}
![[envelope]](https://shallowsky.com/images/logos/envelope-25x25.png){kind=small}