识别虚假(欺骗性)电子邮件

您可能会收到来自亚马逊的电子邮件,如“已售出,即将发运”电子邮件或“技术通知”电子邮件。 但是,有时您可能会收到并非真正来自亚马逊的电子邮件,即使第一眼看去它们可能很像。这类电子邮件是伪造的,试图说服您透露敏感的账户信息。

这些伪造的电子邮件也称为“欺骗性”电子邮件或“网络钓鱼”,看起来类似于亚马逊发出的合法电子邮件。通常这些电子邮件会将您引导至看起来类似于亚马逊网站的伪造网站,其中可能要求您提供账户信息,如您的电子邮件地址和密码组合。

遗憾的是,这些伪造网站会窃取您的敏感信息,然后在您不知情的情况下将这些信息用于诈骗。

要防止自己回复这些电子邮件,您可以遵循一些简单的规则:

  • 知道亚马逊不会要求您提供的信息: 亚马逊不会在电子邮件通信中要求您提供以下信息:

    • 您的银行账户信息、信用卡号码、PIN 码或信用卡安全码(包括以上任何信息的“更新”)

    • 您母亲的婚前姓氏或识别您的其他信息,如您的出生城市或您最爱的宠物名字

    • 您的亚马逊或卖家平台账户密码

  • 查看电子邮件是否存在语法或拼写错误: 注意拙劣的语法和拼写错误。许多网络钓鱼电子邮件都从其他语言翻译而来,或在发送前没有校对过。

  • 检查回信地址: 真正来自亚马逊的电子邮件将始终以“@amazon.com”为地址结尾。 检查电子邮件的标题信息。如果电子邮件的“发件人”、“收件人”或“退信地址”不是来自“@amazon.com”,则该电子邮件并非来自亚马逊。大多数电子邮件程序都能让您检查电子邮件的来源。根据您使用的电子邮件程序的不同,用来检查标题信息的方法也不一样。以下是欺诈性回复地址的一些示例:

    • seller-performance@payments-amazon.com

    • amazon-security@hotmail.com

    • amazon-payments@msn.com

  • 检查网站地址: 一些网络钓鱼者会设立欺骗性的网站,在其网站的 URL 中会包含 [ amazon ] 字样。真正的亚马逊网站始终以 [ .amazon.com ] 、 [ amazonsellerservices.com ] 或 [ sellercentral.amazon.com ] 结尾。 我们绝不会使用 [ security-amazon.com ] 或 [ amazon.com.biz ] 这样的组合。

  • 如果您存在疑问,请直接转到亚马逊或卖家平台网站: 一些网络钓鱼电子邮件会包含一个链接,看起来好像能转到您的亚马逊账户,但实际上是一个缩短的链接,指向完全不同的网站。如果您在电子邮件客户端查看邮件时将鼠标悬停在链接上方,通常您会看到潜在的虚假网站地址,以弹出形式出现,或者以浏览器状态栏中的信息形式出现。

注意: 但悬停技术也可能受到蒙蔽。如果您点击了一个链接,则当页面打开时必须查看浏览器中的 URL。

确保您不会回复网络钓鱼电子邮件的最佳方法是始终直接转至您的卖家账户,以查看或更改账户。若有所怀疑,请勿点击电子邮件中的链接。

  • 请勿取消订阅: 绝对不要遵照假冒电子邮件中声称提供“取消订阅”方法的说明操作。许多垃圾邮件发送者会使用这些取消订阅流程来收集一系列有效且可用的电子邮件地址。

  • 使用卖家平台中的功能追踪您的订单: “已售出,即将发运”电子邮件通知是非常有用的工具。但是,您可以使用卖家账户中的“管理订单”功能找到订单的最准确和最新的信息。

  • 如果优惠条件好得令人难以置信,则很可能是虚假信息: 有时,网络钓鱼电子邮件会告诉您只需完成简单的任务(例如登录您的卖家账户)即可获得优惠(例如折扣或免费商品)。 我们建议您永远不要通过点击电子邮件中嵌入的链接来登录您的卖家账户。 

帮助阻止网络钓鱼者和诈骗者

您可以起到关键作用。亚马逊已针对网络钓鱼者和诈骗者提出多起诉讼。这些诉讼开始于卖家提示亚马逊注意可疑电子邮件。作为我们持续致力于防止欺骗的一部分,您可以帮助我们调查欺骗性电子邮件。使用我们的报告网络钓鱼表格,将原始欺骗性电子邮件连同完整的标题信息发送给我们。

要获取标题信息,请将您的电子邮件程序配置为显示【所有标题】。(这会根据您使用的电子邮件程序而有所不同。) 我们需要的标题需标记良好且类似于以下示例:

X-Sender: someone@domain.com

X-Sender-IP: [10.1.2.3]

X-Date: Tue, 08 Apr 2003 21:02:08 +0000 (UTC)

X-Recipient: you@domain.com

X-OUID: 1

注意: 亚马逊无法回复报告欺骗性电子邮件或网络钓鱼的所有电子邮件,但我们一定会阅读并采取相应的措施。如果您对账户存有疑问,请搜索“卖家平台帮助”或联系我们。


 亚马逊官网原文详情:

Identifying false (spoofed) e-mails

You might receive emails from Amazon, such as Sold, Ship Now emails or Technical Notification emails. However, sometimes you might receive emails that are not really from Amazon, even if at first glance they may appear to be. Instead, such emails are falsified and attempt to convince you to reveal sensitive account information.

These false emails, also called "spoofed" emails or "phishing," look similar to legitimate emails from Amazon. Often these emails direct you to a false website that looks similar to an Amazon website, where you might be asked to give account information, such as your email address and password combination.

Unfortunately, these false websites can steal your sensitive information, which can then be used without your knowledge to commit fraud.

To protect yourself from responding to these emails, you can follow some simple rules:

  • Know what Amazon won't ask in email: Amazon will not ask you for the following information in an email communication:

    • Your bank account information, credit card number, PIN number, or credit card security code (including "updates" to any of the above)

    • Your mother's maiden name or other information to identify you, such as your birth city or your favorite pet's name

    • Your Amazon or Seller Central account password

  • Review the email for grammatical or typographical errors: Watch for poor grammar or typographical errors. Many phishing emails are translated from other languages or are sent without being proof-read.

  • Check the return address: Genuine emails from Amazon always will come from an address ending in "@amazon.com." Check the email's header information. If the "received from," "reply to," or "return path" for the email does not come from "@amazon.com," it is not from Amazon. Most email programs let you examine the source of the email. The method you use to check the header information varies depending upon the email program you use. The following are some examples of fraudulent return addresses:

    • seller-performance@payments-amazon.com

    • amazon-security@hotmail.com

    • amazon-payments@msn.com

  • Check the website address: Some phishers set up spoofed websites that contain the word "amazon" somewhere in the URL. Genuine Amazon websites always end with ".amazon.com", "amazonsellerservices.com" or "sellercentral.amazon.com." We will never use a combination such as "security-amazon.com" or "amazon.com.biz."

  • When in doubt, go directly to Amazon or the Seller Central website: Some phishing emails include a link that looks as though it will take you to your Amazon account, but it is really a shortened link to a completely different website. If you hover over the link with your mouse when viewing the message in your email client, you often can see the underlying false website address, either as a pop-up or as information in the browser status bar.

Note: The hover technique can be fooled. If you do click on a link, always look at the URL in your browser when the page opens.

The best way to ensure that you do not respond to a phishing email is to always go directly to your seller account to review or make any changes to the account. When in doubt, do not click on a link in an email.

  • Do not unsubscribe: Never follow instructions contained in a forged email that claim to provide a method for unsubscribing. Many spammers use these unsubscribe processes to create a list of valid, working email addresses.

  • Use the features in Seller Central to track your orders: The Sold, Ship Now email notification is a useful tool. However, you can find the most accurate and up-to-date information for your orders using the Manage Orders feature in your seller account.

  • If an offer sounds too good to be true, it probably is: Sometimes phisher emails will offer you deals, such as a discount or a free item, in return for completing a simple task, (for example, signing in to your seller account). We recommend that you never sign in to your seller account by clicking on a link embedded in email.  

Help stop phishers and spoofers

You can make a difference. Amazon has filed several lawsuits against phishers and spoofers. These lawsuits began with sellers alerting Amazon to suspicious emails. As part of our ongoing commitment to stop spoofing, you can help us investigate spoofed emails. Send us the original spoofed email, with the complete header information, using our report phishing form.

To locate the header information, configure your email program to show All Headers. (This varies, depending on the email program you use.) The headers we need are well labeled and will look similar to this example:

X-Sender: someone@domain.com

X-Sender-IP: [10.1.2.3]

X-Date: Tue, 08 Apr 2003 21:02:08 +0000 (UTC)

X-Recipient: you@domain.com

X-OUID: 1

Note: Amazon is not able to respond to all emails reporting spoofed emails or phishing, although we do read them and take action as appropriate. If you have specific questions about your account, search Seller Central Help or contact us.

 文章来源:亚马逊官方网站 

(本文内容根据网络资料整理,出于传递更多信息之目的,不代表连连国际赞同其观点和立场)