D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Amazon - DHL - problem

 

On 07/02/12 11:44, Neil Winchurst wrote:
Yesterday a friend told me his tale of woe. He has ordered something
from Amazon. Fine, so do many of us. Then he received an email,
supposedly from DHL, referring to his order, asking him to click on an
attachment. You guessed it, he did just that and his hard disk was
trashed. Luckily he does have a backup on an external drive which was
not plugged in at the time. But meanwhile he has had to leave his
computer with a local computer expert who is trying to sort it all out.


I'd suggest trying Linux to him, or maybe making sure his anti-virus is up to date?

This sort of thing has been going on for ages and is usually picked up by things like AVG, Avast etc.

So, some thoughts on this. Yes, I know, it is easy to be wise after the
event.

Yep, for those who aren't computer literate they can get caught out. Even those with a bit more computer knowledge can get caught out from time to time.

This is also a reason for why running anything on Windows as an Administrator (XP default) is a BAD thing. Vista and Windows 7 offer a little bit more protection against things like this and will pop up a warning if something wants to run as an administrator, still doesn't mean the user won't just click "Yes, run this program as an administrator".


I do not know if DHL do courier work for Amazon, but even so, they are
unlikely to email someone directly. Anyway, how would they know the
email address?


Chances are they may have harvested his e-mail address somehow, maybe he's signed up for something that sold his e-mail address on, or maybe someone forwarded on an e-mail (joke e-mail etc) and included him in the forwarding and then this was forwarded on to someone else who included the pages and pages of e-mail addresses? (it happens, someone forwards on a joke, doesn't remove the 20 or other e-mail addresses which are in the e-mail, gets forwarded on again and so on).

Not sure which courier Amazon use (when I've ordered stuff off Amazon it's been Royal Mail or Parcel Force which has delivered the stuff) but I think it's just coinsidence that he got this e-mail after ordering from Amazon.

How did the scammer know about the order anyway? And how did he know my
friend's email address?


See above :-)

There are some very sad people around.


Yes.  Sadly there is.  But we can educate those Windows users :-P

Yes, my friend does use Windows, though I do not know which version. If
he had been running Linux would the scam program still have run
successfully? I ask this because I could perhaps talk to him about
moving to Linux to avoid such problems, if it would indeed be safer,
once his computer is sorted.

Probably not. Well, it might have run under Wine but it would be restricted to what it could do, at best it would have just had access to his home directory unless he'd actually gone to the effort of running it through wine while logged in as root (so pretty unlikely).


Any comments anyone...?


See above :-)

Rob

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq