11-05-2010, 03:59 PM | #1 |
Connoisseur
Posts: 63
Karma: 558
Join Date: Jan 2010
Location: Copenhagen, Denmark
Device: Gen3, Boox 60, K3, Sony T1, Sandra has a Sony505, 650, K3
|
Fraudulent mail claiming to be sent from BEBOOK
I got the following from "My BEBOOK shopmanager":
Message from mybebook.com: Thank You For Your Order ! Check The Email And Download Your Bill Thank You For Your Order N#:NMR45480SD5497 You have Make an Order in Our Website in 03 novembre 2010 . Click Here To Download The Bill BEBOOK 2010 End of quote On mybebook.com it says that it is a fraud and you should not click on the link. It does not say whether it is sent to people in the bebook customer list, or where the mailing list is from. |
11-06-2010, 02:44 AM | #2 |
Addict
Posts: 231
Karma: 1591305
Join Date: Nov 2008
Location: Savannah, GA USA
Device: Kindle Paperwhite 2, Aluratek Libre Pro
|
I got the same email, the obvious error of "you have make an order in our website" was the bit that made me instantly suspicious. I deleted it without even considering clicking on the link.
|
Advert | |
|
11-06-2010, 03:02 AM | #3 |
Groupie
Posts: 156
Karma: 1003934
Join Date: Apr 2010
Location: Canada
Device: Nook Wifi
|
Virus alert! I was stupid enough to click on it, luckily my antivirus disconnected before any damage was done.
|
11-06-2010, 08:28 AM | #4 |
Addict
Posts: 262
Karma: 505124
Join Date: Dec 2009
Device: PRS-T2
|
I got the email, I never even looked at the beBook when I was looking for a ereader. Thankfully I remembered a while ago hearing about a scam along the same lines and I deleted the email.
|
11-07-2010, 05:02 AM | #5 | |
Wizard
Posts: 4,334
Karma: 4000000
Join Date: Oct 2008
Location: Paris
Device: Cybooks; Sony PRS-T1
|
Quote:
|
|
Advert | |
|
11-08-2010, 12:46 AM | #6 |
Curmudgeon
Posts: 3,085
Karma: 722357
Join Date: Feb 2010
Device: PRS-505
|
No.
You got that email from someone purporting to be BeBook. I could send out email purporting to be from you, too, if I had your email address (or, if I didn't care if they contacted you, even without it) and it would never have to go within a thousand miles of your mailserver. As I explained in the other thread on this subject, I routinely get phishing attempts for my Aion password ... despite the fact I've never in my life played Aion. The spammers cracked the email list of a specific forum (I know which one because I give out unique email addresses) and have randomly spammed those addresses on the theory that maybe someone who uses that forum plays Aion ... if I don't, they've lost nothing; if I'm smarter than a small zucchini, they've lost nothing; if I'm stupid enough to respond, they win. Before I disabled a particular public address, it was getting hit with "fraud" notices from banks I didn't have accounts or credit cards with; again, the phishers had nothing to lose and everything to win, so why not try and see if that address goes to a sucker who actually does have an account with a well-known bank which just doesn't happen to be mine? Unless you give everyone you do business with a unique email address, so you know where the leaks are, all you know is that somehow, that address got into the hands of phishers, and those particular phishers are using that particular stunt to get you to install their trojans. So, it's not BeBook's fault; they're at least as much of a victim as you are (or more; talk to someone on the receiving end of a "Joe job" sometime). If you read headers, you could find out what zombie computer sent the email, but that's unlikely to tell you anything useful. The bottom line is the same as always: Don't run executables. Don't use Outlook. Don't let your OS hide extensions. And don't muck around in things you don't expect, like "receipts" from companies you haven't bought from in the past hour. |
11-12-2010, 05:30 PM | #7 |
Connoisseur
Posts: 63
Karma: 558
Join Date: Jan 2010
Location: Copenhagen, Denmark
Device: Gen3, Boox 60, K3, Sony T1, Sandra has a Sony505, 650, K3
|
Thanks for the reply. I know, that "My BEBOOK shopmanager" is only the display name. I know, i have no chance of finding out who did this, and I also know that I could do nothing about it, if I could identify who did it.
It was implied in my post that the sender was someone imposing as BEBOOK. Personally, I did not click the link. My reasons for posting were these. 1) Trying to find out who else got it. 2)Warn people who might otherwise have clicked it. I am also not trying to put blame on anyone (except people trying to trick other people). But I do think it is interesting to know, where the bad guy got the email addresses from. Did he get them from bebook, from this forum, from another dealer? Did I, and the other recipients, expose our email addresses linked together with an interest in ebooks? There might a hole that could be closed somewhere. |
11-12-2010, 09:56 PM | #8 | |
Curmudgeon
Posts: 3,085
Karma: 722357
Join Date: Feb 2010
Device: PRS-505
|
Quote:
Your title is "Fraudulent mail from bebook", not "Fraudulent mail from someone posing as bebook". There's a BIG difference. As for finding out where the phishers got the email address, unless you have trackable addresses (have your own domain name and give everyone you do business with a separate address, then see which one the spammers hit) you can't. You might have mentioned your email address somewhere. It might have been stolen internally by some forum admin. It might have leaked in a number of ways. It might, like in the TJ Maxx incident, have been stolen in (or en route to) the back office. It could have something to do with ebooks, or the phishing could be totally random, like the ongoing attempts at getting me to give phishers my info for credit cards I don't own. If your email address is something moderately obvious, like fred@somewhere.com, they may just be hitting all the ordinary names -- at one point, that was happening to a catchall of mine. Without information you don't possess, you really can't figure out who, how, or where. |
|
11-13-2010, 05:43 AM | #9 |
Connoisseur
Posts: 63
Karma: 558
Join Date: Jan 2010
Location: Copenhagen, Denmark
Device: Gen3, Boox 60, K3, Sony T1, Sandra has a Sony505, 650, K3
|
Title Change
Point taken. I had too much implied in the title. I was given the option of change the title, and I took it.
A small note, I believe i wrote "I am not trying to put blame on anyone". I might have been unsuccesfull, since I must admit reading the original title gives the impression that I actually think the mail is from bebook. However, it was never the intention to put any blame on bebook. I am sorry if that was the outcome. |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
(Home) repair of burst cell (dark spot) possible? Also, claiming on insurance ... | Albyr | iRex | 2 | 07-14-2010 03:27 PM |
BeBook Neo e-mail & wifi | gastan | BeBook | 3 | 04-22-2010 12:12 PM |
PR-505 vs Bebook mini vs Bebook (5'' vs 6'' screens) | aliettedb | Which one should I buy? | 12 | 02-03-2010 07:28 AM |
Disastrous firmware upgrade for many BeBook users: no excuses from BeBook!!! | Diogene | BeBook | 86 | 12-10-2008 11:02 AM |
E-Mail Signatures in Mac Mail? | Pride Of Lions | Lounge | 0 | 03-05-2004 09:47 PM |