« Spammer's Pants on Fire | Main | The Folly of Challenge-Response »

January 03, 2005

If you're an amazon.com customer, as I am, you probably enjoy getting those little notices that your recent order has shipped. "O frabjous day!" I thought to myself recently upon learning that the next DVD series of 'Rumpole of the Bailey' was in on its way.

The next day, however, wasn't so frabjous. Sitting in my "spam suspects" folder at my server was a message with this ominous subject:

Subject: Your order has been shipped

The From: line listed a human name, with a mismatching, non-corporate aol.com email address. The body of the message started as follows (identifiable bits disguised):

Thank you for shoppingl. This e-mail is to confirm that your order shipped on 13-12-2004. Based on the shipping method chosen at the time of purchase, your order is expected to arrive within 1-5 business days. If you have questions about the products you have ordered, order status or other customer service matters, please call 888-555-5555 or visit website http://www.foo_bar.com/order.html

Don't laugh at the date. Europe and many other places in the world put the month and date in the opposite order than the way we do in North America, so there's nothing wrong with December 13, 2004.

The URL of the Web site of my supposed purchase makes the place sound like an informational site for people interested in poker. Other than that, the message contained no corporate identity or details about what I had supposedly ordered. The message did contain a customer number and order number.

Even if you aren't an active online shopper, you might likely get incensed by a notice suggesting that you have ordered something you don't remember. You wonder if something has been charged to your credit card, and if so, how much?

This ploy—certainly not new—is intended to get you to visit the linked Web site to clear up some mistake or misunderstanding. There is no order. There is no credit card charge. And there are no customer and order numbers, except perhaps as a way for you to enter an identification number that validates your email address as being "live," and you being a click-through victim.

And that the Web site in question is associated with online gaming gives me an even greater reason to warn you off. These outfits tend to have good programmers working for them. It wouldn't surprise me to find the home page of this site including some source code subterfuge that redirects your browser to Popup Hell or surreptitiously installs Bad Stuff on un-updated Windows machines.

This deceit deserves the complete ZERO RESPONSE treatment, not only to keep the spam economy out of the trickster's pockets, but to protect yourself, as well.

I know it's hard to resist when the message sounds so real. Catch the rest of the message body:

To check your delivery status, and see carrier and tracking information, click here [no link in message, oops --DG]. Please note that tracking information may not be available immediately.

Note that your order may be shipped in separate boxes and may be delivered at different times. Systems and accessories may ship separately and have different estimated ship dates. Please use the Order Status tool to get more information regarding expected delivery date(s) for your order(s).

If your delivery requires a signature and you are unavailable to sign for the shipment, you may contact your designated carrier after their first delivery attempt to arrange for pick-up to prevent your package(s) from being returned to sender. Carriers typically attempt to deliver three times before returning to sender. Want to check details of your order, print an invoice, or review order history? Log into My Account. Note that your invoice may not be available online until 24 to 48 hours after shipment.

Should you have any additional questions, please visit us at http://foo_bar.com

ALL SALES ARE SUBJECT TO TERMS AND CONDITIONS OF SALE. YOU CAN FIND THEM BY VISITING OUR WEBSITE. Thanks again for your order. We appreciate your business.

A lot of this sounds as though it was lifted from a shipping confirmation of a legitimate online retailer. But the ALL CAPS line is the one that will get even slightly suspicious recipients to visit the site, and possibly put themselves in peril.

I know that barrister Horace Rumpole is oft quoted as saying "Rumpole does not prosecute!" But I wonder—if the jurisdiction were right—whether he'd like a shot at these sleazeballs.