Those spammers who send emails out using Amazon brands think they can simply cheat people.
One late email spam from them indicates that they're not aware of what they are doing. They simply don't know that they will be tracked and their hidden places will be exposed.
These are four IP Addresses the late Phishing email spam came from:
IP Address: 85.187.59.175 Country: BG Bulgaria Region: Sofiya City: Sofia ISP: Evro
IP Address: 82.103.69.2 Country: BG Bulgaria Region: Sofiya City: Sofia ISP: Spectrum Net LTD
IP Address: 213.169.56.25 Country: BG Bulgaria Region: (-) City: (-) ISP: Development Center
IP Address: 69.15.220.193 Country: US Region: Georgia City: Atlanta ISP: CBEYOND COMMUNICATIONS LLC
They provided some links in that email spam, one of them appears like this: http:// www. amazon. com/gp/subs/primeclub/account/homepage.html/ref=ya_hp_sub_1/10
4-4436503-7329515?ie=UTF8&method=GET and points at: http : //85.187.59.175/ amazon.com
The email spam goes this way:
Dear Amazon® member,
We are contacting you to inform you that our Account Review Team identified some unusual activity in your account. In accordance with Amazon's User Agreement and to ensure that your account has not been compromised, access to your account was limited.
Your account access will remain limited until this issue has been resolved. To secure your account and quickly restore full access, we may require some additional information from you for the following reason: We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.
This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension.To securely confirm your Amazon information please click on the link bellow:
http:// www. amazon. com /gp/ subs/primeclub/ account/homepage.html/ ref= ya_hp_sub_ 1/104-4436503-7329515?ie=UTF8&method=GET
We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.
For more information about how to protect your account please visit Amazon Security Center.
We apologize for any incovenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire Amazon system.
Thank you for using Amazon!
The Amazon Team
Privacy Notice © 1995-2007, Amazon.com, Inc. or its affiliates.
_____________________
More details:
Return-Path: <>
Received: from mail. fastnetbg. com ([82.103.69.2])
Received: from mailer. lindner. bg (mailer. lindner. bg [213.169.56.25]) by mail. fastnetbg .com (8.13.8/8.13.1) with ESMTP id l8E1x4hZ020601; Fri, 14 Sep 2007 04:59:04 +0300 Received: from User [69.15.220.193] by mailer. lindner. bg with ESMTP (SMTPD-8.20) id
ADE403C8; Fri, 14 Sep 2007 05:11:48 +0300 From: "security @ amazon-inc . com" <>
Subject: Account Review Team identified some unusual activity in your account
Date: Thu, 13 Sep 2007 22:07:01 -0400
_____________________
See more spammers and more malware attacks here and use the list to block them:
http://www.ezine-act-politics-business-and-love.com/malware.html
Stumbleupon It
Add2Netvouz
Posts
-
5 comments:
Here is more tracking info on the phishing spam email.
Received: from as.itesm.mx ([200.34.200.251]) by bay0-mc3-f10.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Sun, 30 Sep 2007 01:47:29 -0700
Received: from User (75.59.191.188) by itesm.mx (7.2.052) (authenticated as wally) id 46F64416000AA204; Sat, 29 Sep 2007 20:57:12 -0500
X-Message-Delivery: Vj0zLjQuMDt1cz0wO2k9MDtsPTA7YT0w
X-Message-Info: dHQQAFUzc9R6vt3RfM03DlBaZ8mADaAVe5slFeSVZ/Yg+be4nIC6Mc2znx049/NGBe/UOSAV3Zxkw0At3N/Syg==
X-IronPort-AV: E=Sophos;i="4.21,213,1188795600"; d="scan'208,217"; a="251551484"
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Return-Path: security@amazon-inc.com
X-OriginalArrivalTime: 30 Sep 2007 08:47:29.0090 (UTC) FILETIME=[885FE220:01C8033E]
If you were sure of the two IP addresses then they blog to the following ISPs:
200.34.200.251 Country: MEXICO Region: SINALOA City: MAZATLAN ISP: ITESM
75.59.191.188 Country: UNITED STATES Region: TEXAS City: PLANO ISP: JACOBS ASSOCIATES
I meant they belong to...
I fell for this scam!
what can I do?
obviously, I'm not very good at computers, and I'm feeling very bad / overwhelmed about the whole thing.
Just don't be scammed by such phishing emails. Don't respond and close them by activating your scam filters. I can see for example some of them getting on trash while they are dropping in and keep smiling. Those I permit land of course in my box. Haven't you Built a wall between you and hackers yet?
Post a Comment