[thelist] phishing and urls

Lightning oktellme at earthlink.net
Fri Sep 9 11:18:54 CDT 2005

This morning I got a phishing email supposedly from amazon.com.

I knew it was phishing, of course, because it had that famous line "your
account will close within 24 hours unless you click on his link and verify
your information".

What scared me particularly on this phish was this - I clicked on the link
(I often check to see where a phisher wants to take me, and the url given
was definately an amazon.com address! (Many phishers will lead you to a
misspelled address, or an address with an alien header such as
www.amazzon.com or www.verification.amazon.com.) But, no, this really was
the amazon site. The email also attempted to put amazon.com cookies on my

What scared me even more was I then wrote a letter to amazon alerting them
of the email, and found my email program no longer worked. So... did this
phisher ALSO put a virus, or change a setting on my email?

I immediately restored my computer to an earlier point. My email is working
fine now, and the letter went off to amazon. They sent back a letter saying
that phishers CAN take you to one site while displaying that you are at
another url!!

ok, the above is the story. Below are my questions:

1. HOW can a page make the url be different from the url you are visiting?
2. How can an email use cookies?
3. I was taught that a site can only create and read cookies that match the
domain name they come from. Can someone please set me straight on the facts
about cookies?
4. I thought you would be safe from viruses and unautthorized changes to
your system if you don't click on any attachments. How does an email
transfer a virus or a command if you don't click on an attachment? What are
the new rules for keeping your computer safe?

thanks for any explaination, or links to appropriate explainattions.


More information about the thelist mailing list