Beware of this Amazon phishing e-mail

Here's a phishing e-mail making the rounds that I've received twice in the past week.

Here's the full text:

Hello, I wanna ask you if you still have this item for sale,sorry for bothering you ,but i think is a error in this link ,send me an reply after you able to sell the product. ! Please let me know soon.

http://www.amazon.com/exec/obidos/tg/browse/-/172282412312

Thank you.

Brian Petesburg.

The e-mail address displayed was BrianPetesburg@bellsouth.net. If you reply to the message, it goes to commmgr-autoreply@amazon.comt.

Of course this is a scammer hoping you'll go to his Web site and enter your Amazon ID and password. Then all hell breaks loose with your account.

There are several things about this e-mail that tip you off that it's a fraud. For one thing, the URL embedded in the e-mail wasn't the one that appears in the text. The URL actually went to a rogue site:
http://210.233.10.229/wiz/www.amazon.com/gp/SignIn.html

(You can see the actual URL by moving your mouse over the URL displayed in the e-mail while looking at the bottom of your browser. This rogue site has been shut down, but this phisher probably is using a different one by now.)

Do you see any more telltale signs that this e-mail is from a phisher? Have you received one of these lately?

Here's more information about Amazon phishing scams. At the bottom is a link for reporting these "spoof" e-mails.

Q&A: Is it safe to sell books on Amazon and eBay?

QUESTION: I'm interested in selling used books on Amazon and eBay to supplement my retirement income. But I'm worried about giving my credit card to Amazon and PayPal, even though I buy books from online booksellers through Amazon all the time. I cannot jeopardize my life savings in any way.

ANSWER: I can understand the concern, and I felt exactly the same way when I started bookselling. However, I've earned my living from deposits to a regular checking account from Amazon and PayPal thanks to my bookselling during the past six years. I've never had an unauthorized deduction to my account from PayPal or Amazon, and I've never heard a story of this happening to anyone else. Sure, there is a customer every now and then who might try to cheat you. But looking at the big picture, there are U.S. consumer-protection laws against unauthorized charges to bank accounts and credit cards. So you can report any bad transactions to your bank, if it ever comes to that.

You could probably gain some peace of mind by setting up a separate bank account to collect your deposits from the bookselling, and transfer the funds periodically to your personal account. This is a worthwhile thing to do anyway, so you can keep your business and personal funds separate.

The biggest danger to online sellers, I think, is with hackers and "phishing" e-mails that ask you to "update" your account information, and give a Web link for you to follow. These are always fraudulent, and a scammer can gain access to your accounts if you give your password. The only thing you have to remember is, never follow a link in an e-mail that supposedly takes you to eBay, Amazon, a bank, or anywhere else you need a password. Instead of following links, open your Web browser and type in the address yourself.

Phishing isn't unique to online selling, of course -- everyone with an e-mail account receives this junk. But some of it can appear legitimate, so keep your guard up. Here is more information on fraud prevention from Amazon and eBay.