On Twitter: @JamesFirth and @s_r_o_c (post feed)

Wednesday, 10 April 2013

What's the real reason for Amazon resetting customer passwords?

I got an email this morning from Amazon.  A legit email, DKIM signed by Amazon's email server.
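An added example (not from the original post) of the check that sits behind "DKIM signed by Amazon's email server": the receiving mail server verifies the signature cryptographically and records the outcome in an Authentication-Results header, but a passing signature only proves that the domain in the signature's d= tag signed the message. A phisher can DKIM-sign with a domain they control, so the question a defender asks is whether that signing domain is aligned with the From domain, which is the DMARC identifier-alignment rule. The headers below are constructed, the selector and signature values are placeholders, and the parent-domain rule used for relaxed alignment is a simplification of the Public Suffix List lookup real DMARC implementations perform.

```python
"""Check DKIM domain alignment for an incoming message (constructed example)."""
import email
from email import policy
from email.utils import parseaddr


def parse_dkim_tags(header_value: str) -> dict:
    """Split a DKIM-Signature value into its tag=value pairs, dropping folding whitespace."""
    tags = {}
    for part in header_value.split(";"):
        if "=" not in part:
            continue
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = "".join(value.split())
    return tags


def is_aligned(from_domain: str, dkim_domain: str, relaxed: bool = True) -> bool:
    """Strict alignment is an exact match; relaxed alignment accepts a parent/child domain.

    Simplification: real DMARC compares organisational domains via the Public Suffix List.
    """
    f = from_domain.lower().rstrip(".")
    d = dkim_domain.lower().rstrip(".")
    if not f or not d:
        return False
    if f == d:
        return True
    return relaxed and (f.endswith("." + d) or d.endswith("." + f))


def dkim_pass_domains(auth_results: str) -> set:
    """Collect header.d= domains from dkim=pass clauses of an Authentication-Results header."""
    domains = set()
    # The first ';'-separated element is the authserv-id, not a result clause.
    for clause in auth_results.split(";")[1:]:
        tokens = clause.split()
        if not tokens or not tokens[0].lower().startswith("dkim="):
            continue
        result = tokens[0].split("=", 1)[1].lower()
        for tok in tokens[1:]:
            if tok.lower().startswith("header.d=") and result == "pass":
                domains.add(tok.split("=", 1)[1].lower())
    return domains


def assess(raw_message: bytes) -> dict:
    """Report whether the message carries a passing DKIM signature aligned with its From domain."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    from_domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    signing_domains = [
        parse_dkim_tags(str(sig)).get("d", "") for sig in (msg.get_all("DKIM-Signature") or [])
    ]
    passed = dkim_pass_domains(str(msg.get("Authentication-Results", "")))
    aligned = [d for d in signing_domains if d.lower() in passed and is_aligned(from_domain, d)]
    return {
        "from_domain": from_domain,
        "signing_domains": signing_domains,
        "dkim_pass_domains": sorted(passed),
        "aligned_and_passed": bool(aligned),
    }


# Constructed message: signature domain matches the From domain and the MTA reports dkim=pass.
SAMPLE_ALIGNED = b"""Authentication-Results: mx.example.net;
 dkim=pass header.d=amazon.co.uk header.s=example-selector;
 spf=pass smtp.mailfrom=bounces.amazon.co.uk
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk;
 s=example-selector; h=from:to:subject:date; bh=PLACEHOLDERBODYHASH=;
 b=PLACEHOLDERSIGNATURE=
From: "Amazon.co.uk" <account-update@amazon.co.uk>
To: customer@example.org
Subject: Your Amazon.co.uk password has been reset

Constructed body text.
"""

# Constructed lookalike: a valid signature, but from a domain unrelated to the From address.
SAMPLE_LOOKALIKE = b"""Authentication-Results: mx.example.net;
 dkim=pass header.d=bulk-mailer.example header.s=example-selector
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bulk-mailer.example;
 s=example-selector; h=from:to:subject; bh=PLACEHOLDERBODYHASH=;
 b=PLACEHOLDERSIGNATURE=
From: "Amazon.co.uk" <account-update@amazon.co.uk>
To: customer@example.org
Subject: Your Amazon.co.uk password has been reset

Constructed body text.
"""

if __name__ == "__main__":
    for label, sample in (("aligned", SAMPLE_ALIGNED), ("lookalike", SAMPLE_LOOKALIKE)):
        print(label, assess(sample))
```

The design choice worth noting is that the code trusts the receiving server's Authentication-Results verdict for the cryptography and adds only the alignment step; re-verifying the signature would need the selector's public key from DNS, which is exactly what a mail server already does before writing that header.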

Amazon have reset my password because they say I 'may have been subject to a phishing scam'.

But why now? Running my own mail servers and a string of public email addresses I'm subject to Amazon phishing scams on an almost daily basis, as I am with many other companies.

And why did Amazon suspect I've been subjected to a phishing scam?  Have they read the phishing emails on my private mail servers?...

No, of course they haven't.  Phishing Amazon customers is an activity that only involves Amazon infrastructure when the scammers use credentials phished from me to perform illegal transactions on my account.

And since I'm pretty certain my credentials haven't been phished from me - as a professional involved in this area I'm on high alert for odd emails - the only reason I can think of for Amazon to suspect I'm at increased risk of phishing is if my email and perhaps other personal details have somehow leaked from Amazon.

I don't mind my password being reset as a security precaution.

But I do mind the tone of the email they sent, which makes it sound like it's my fault for being at increased risk of phishing, along with handy links to protect myself.

When I reset my account I will take the precaution of removing all my credit card details. Much as it is a pain to re-enter them whenever I buy music, I suspect there is more going on here.

Here's the email in full (my bold - I'm curious why they don't want me to use my previous password if I know I haven't been subject to a phishing attack...):
Hello J * Firth, 
This is an important message from Amazon.co.uk 
As a precaution, we've reset your Amazon.co.uk password because you may have been subject to a "phishing" scam. 
Here's how phishing works: 
A scam artist sends an e-mail, which is designed to look like it came from a reputable company such as a bank, financial institution, or retailer like Amazon.co.uk, but is in fact a forgery. These e-mails direct you to a website that looks remarkably similar to the reputable company's website, where you are asked to provide account information such as your e-mail address and password. Since that website is actually controlled by the phisher, they get the information you entered. 
Go to amazon.co.uk/phish to read more about ways to protect yourself from phishing. 
To regain access to your Amazon customer account: 
1. Go to Amazon.co.uk and click the "Your Account" link at the top of our website. 
2. Under Account Settings, click the link that says "Forgotten your password?" 
3. Follow the instructions to set a new password for your account. 
Please choose a new password and do not use the same password you used with us previously. If you have used the same password for your email account as on your Amazon.co.uk account, you should also change your email account password to prevent phishers from reading and/or stealing your emails. 
I hope this helps. 
We look forward to seeing you again soon at Amazon.co.uk 
Please note: this e-mail was sent from an address that cannot accept incoming e-mail. To contact us about an unrelated issue, please visit the Help section of our website.

