Thursday, 29 November 2007

Facebook, Amazon & Faebook Scam

« Six Improvements | Main | Happy 2008 - Any New Year Wishes for Simpy? »
Wow -- I think I just made a serendipitous discovery! Tell your friends who work at Facebook and Amazon... email Bezos...

I wanted to go to Facebook and instead typed faebook.com. Note the missing "c". Guess what's hiding on faebook.com? You'd never guess! Amazon.com!
Well, that is what I thought at first. I couldn't believe my eyes! Why would Amazon be playing such a dirty little misspell-a-popular-site-name-and-come-to-us game? A quick WHOIS lookup reveals this is really not Amazon's domain: 
Domain Name: FAEBOOK.COM
Registrant [1003228]:
        Moniker Privacy Services
        20 SW 27th Ave.
        Suite 201
        Pompano Beach
        FL
        33069
        US
You can see that for yourself here. Amazon.com's record looks like this: 
Registrant:
Amazon.com, Inc
   Legal Dept, P.O. Box 81226
   Seattle, WA 98108-1226
   US
   Domain Name: AMAZON.COM
You can see that for yourself here.

So what's going on here?!? Clearly, some scammer is trying to benefit from Facebook's popularity, people's tendency to make the same mistake I did when I typed Facebook without a "c", and Amazon's affiliate program. This is technically super-easy to do and this particular cheat is simply using HTML frames to accomplish his dirty little goal. He uses a frame that consumes the whole browser window to pull in Amazon's pages and thus appear nearly 100% like a genuine and familiar Amazon.com, the site where we've all shopped a million times and are likely to do so again, especially during this time of the year. I am sure neither Facebook nor Amazon will be pleased to see this. What is more, it looks like this scammer might actually be making decent money from this trick, or at least that's what Compete's numbers point to:

Well, maybe not a lot of money is actually being made there. Compete shows a very low number of pages viewed per visit, which tells us people leave the site very quickly. This makes sense - you don't expect to see Amazon's site if you were trying to go to Facebook. Thus, most people probably mumble WTF, re-type Facebook.com correctly, and leave Faebook.com behind.
Posted by otis at 2:29 AM in /
Comments (9) Trackbacks (0) Simpify!

Technorati Tags:

Comments on this entry:

Left by Dante at Thu, 29 Nov 5:52 AM

and thus appear nearly 100% like a genuine and familiar Amazon.com

What do you mean? It is 100% Amazon, amazon.com/?%5Ftag=faebook-20 to be exact. As you yourself mentioned, it's just a (genuine) affiliate program scheme :)

Nothing dangerous either, if the browser applies the different-domain security policy correctly.

Left by Otis Gospodnetic at Thu, 29 Nov 11:04 AM

Dante:
Heh, not exactly, I think. Sure, it is the Amazon affiliate, but I doubt this is how the program was meant to be used. Certainly looks scammy under that faebook.com domain, and certainly tries to fool users.
Wouldn't you agree?

Left by Akshay <hugeh.com> at Fri, 28 Dec 11:30 AM

Its really true, i thought that its a publicity stunt but when i tried doing this i found it to be true to the core... who knos if i log in like this in Amazon for free i may have revealed my card number too...
thanks a lot buddy
we may have got cheated otherwise.

Akshay

Website Designing and Development Company, Mumbai, UK, London, India
http://www.hugeh.com/

Left by Night Life Los Angeles at Wed, 2 Jan 9:49 PM

I hate that aaaa! scam sites are so often used to get credit card numbers or to introduce viruses into your computer to get your information (or to hy-jack your computer to yet more fake web sites.
I've gotten to where I really check out web sites when I'm shopping and I only use a "GIFT VISA" for shopping online . James

Left by Pele Odiase at Tue, 8 Jan 12:43 PM

Sites that like that shouldn't be trusted at all, there should be transparency even if it is a genuine affiliate program with amazon

Left by Cabinets Los Angeles at Thu, 28 Feb 1:40 AM

I actually logged into my amazon account from faebook.com and opened my account info. From there my firefox shut down and I went ahead and restarted my computer knowing that it had been on for several days at this point. After I logged back in I checked my online account and monitored it for the next several days. Someone had lifted my account info and was having DVDs shipped to them at a diff address with my name on it. I then contacted usbank and amazon and gave them the information that I had uncovered and was refunded my money and had my info requested as for an offical of the law to contactact me later. I have since seen that faebook.com is down and now the perp seems to have gotten himself in trouble. Remember when phising on myspace started with the whole nyspace.com shebang happened?

Tommy

Left by Otis Gospodnetic at Thu, 28 Feb 11:21 AM

Tommy - wow, great information! Thank you for sharing! I am happy to see faebook.com is gone.

Left by JAJA at Sat, 13 Sep 7:39 AM

JAJA, UPYACHKA! UG NE PROIDET, BLYA!

Left by Bилям at Thu, 26 Nov 10:50 PM

На самом деле, как говорится - Без пользы жить - безвременная смерть.

Your comment:

(not displayed)

Answer 5 - 7 =

 
 
 

Live Comment Preview:

 
« November »
SunMonTueWedThuFriSat
    123
45678910
11121314151617
18192021222324
252627282930 
       

Powered by blojsom