Byline: LORETTA KALB The Sacramento (Calif.) Bee
Always question an order you can't remember making. And never, ever give out your credit card number for an online transaction you didn't initiate.
That's the sage advice being given to hundreds of Amazon.com customers who recently received bogus e-mails that referred to phantom orders.
The bogus e-mails, designed to appear as though they were acknowledgments for orders from Amazon.com, apparently were aimed at getting unsuspecting consumers to reveal their credit card information.
An Amazon.com spokeswoman said she knew of no cases in which consumers actually turned over card data. But the spokeswoman, Patty Smith, added that hundreds of people complained to the company over the past week.
The e-mails, or spam, described merchandise about to be shipped and included a Web link for individuals who wanted to cancel their orders, Smith said.
Recipients who selected the link early last week reportedly were taken to a non-company page that asked for the credit-card information to aid in canceling the order. The site was removed by an Internet service provider when it was discovered it was being used to perpetrate the fraud, Smith said.
The ISP is like many available on the Web that enable users to create Web sites inexpensively, explained David Zapolsky, associate general counsel for Amazon.com.
"What the bad guys did was create this page ... and then they managed, somehow, to disguise the (Web address) to make it appear as though it were an Amazon. com page," Zapolsky said.
Instead, it took users to a Web site that had no connection to the online seller.
"This kind of activity is taking place at a low level all around the world all the time," Zapolsky said. "This one is distinguished by the fact that we got hundreds of complaints about it."
Smith said Amazon.com customers are asked for their credit-card data only once - when they initiate their first online purchase at the site. And that transmission is encrypted for security purposes.
"We never tell people to input their credit card when they are canceling an order," Zapolsky added.
The company reported that it is investigating the fraud. Smith, meanwhile, responded to customer complaints with an e-mail advising that the bogus messages did not originate from Amazon.com and that the company had no part in its content.
No comments:
Post a Comment