At the very least, if you are bound and determined to respond to a probable phishing email (you shouldn't!), then when you go to log in to your account, intentionally use an incorrect password. If that appears to log you in (it would be fake), then you've proven it was a scam. Or if other weird stuff happens - like going to a webpage you weren't expecting, or getting an error that a webpage could not be displayed. Those are all signs of fraud. If your intentionally incorrect password is rejected, as it would be on the legitimate website, then maybe you are on the legit website. But you still don't know that for sure.
But best - by far - is to ignore the phishing attempt. I cannot think of any company that would send you an email saying your account will be suspended if you don't respond to the email. If you have the technical knowledge, you can look at the incoming email source, including headers, and look at domains, trace IP addresses, etc., to help determine the legitimacy of the email. But I only do this checking for personal entertainment. I would never enter any sensitive information - passwords, etc. - after following a link sent in an email or text message. Any email. Legitimate companies never ask you to do that, unless they are stupid. And in that case, maybe you should consider doing business with a different, more intelligent, company instead.
BTW, I do sometimes follow links sent in emails ... for entertainment. But that is done from my play computer that has nothing on it. No writable media - no hard disks, no SSDs, no flash drives, nada. I boot it off of a DVD and load the entire OS into RAM. I connect it to a totally isolated VLAN network. So the phisher is not going to harm my computer, network, or personal data in any way. And I know not to enter any sensitive information. Well, I do enter that stuff, but it is totally fake made up info so I can probe and look around at what the scammer is attempting to do. And oftentimes your email address is included in the link they want you to click on. They use your click to verify that the email address is a good one, ripe for selling for future spam. So you have to alter the link they want you to click on to hide this information if you're going on an entertainment adventure. Sometimes your email address is in plain text, sometimes it's encoded. So be sure to kludge up any random looking character strings in the link before actually going there.
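
The point above about addresses hidden in links, as an added example that is not part of the original post: a Python check that looks for a recipient address in a link's path, query and fragment, in plain, percent-encoded, hex or base64 form. The address, the host login.example.net and the sample links are constructed, and the function names are hypothetical.

```python
import base64
import re
from urllib.parse import urlsplit, unquote

ADDRESS = "alice@example.org"  # constructed recipient address
# Constructed sample links; login.example.net is a placeholder host.
SAMPLE_LINKS = [
    "https://login.example.net/verify?id=123&email=alice%40example.org",
    "https://login.example.net/v/" + base64.urlsafe_b64encode(ADDRESS.encode()).decode(),
    "https://login.example.net/t?u=" + ADDRESS.encode().hex() + "&c=7",
    "https://login.example.net/news?page=2",
]

def candidate_decodings(token):
    """Return (encoding, text) readings of one URL token."""
    out = [("plain", token)]
    if len(token) % 2 == 0 and re.fullmatch(r"[0-9a-fA-F]+", token):
        try:
            out.append(("hex", bytes.fromhex(token).decode("utf-8")))
        except ValueError:  # not valid UTF-8 once decoded
            pass
    if re.fullmatch(r"[A-Za-z0-9+/_-]+=*", token):
        body = token.rstrip("=").replace("-", "+").replace("_", "/")
        body += "=" * (-len(body) % 4)  # restore stripped padding
        try:
            out.append(("base64", base64.b64decode(body).decode("utf-8")))
        except ValueError:  # bad length or not UTF-8
            pass
    return out

def find_address_in_link(url, address):
    """List (location, encoding) for every token of url that carries address."""
    parts = urlsplit(url)
    tokens = [("path", seg) for seg in parts.path.split("/") if seg]
    for pair in filter(None, parts.query.split("&")):
        key, _, value = pair.partition("=")
        tokens.append(("query:" + key, value))
    if parts.fragment:
        tokens.append(("fragment", parts.fragment))
    hits = []
    for where, raw in tokens:
        # unquote() undoes percent-encoding, so %40 for "@" counts as plain
        for encoding, text in candidate_decodings(unquote(raw)):
            if address.lower() in text.lower():
                hits.append((where, encoding))
    return hits

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link, "->", find_address_in_link(link, ADDRESS) or "no address found")
```

An empty result does not mean the link is anonymous: a random-looking token can still map to the address on the sender's side, which no local decoding will reveal.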