An Unpleasant Phishing Attempt

This has nothing at all to do with Afghanistan, but I'd like to share a small incident that happened to me recently.


The other day I received the following e-mail from Amazon.com. It's a bit long, but I'll quote it as is.


Subject: Billing Issue regarding your Amazon.com account
From: Amazon Payments
To: xxxxxxxxx@xxxxxxxxxx
Hello xxxxxxxxx@xxxxxxxxxx (my e-mail address),

Greetings from Amazon Payments.

Your bank has contacted us regarding some attempts of charges from your credit card via the Amazon system. We have reasons to believe that you changed your registration information or that someone else has unauthorized access to your Amazon account Due to recent activity, including possible unauthorized listings placed on your account, we will require a second confirmation of your identity with us in order to allow us to investigate this matter further. Your account is not suspended, but if in 48 hours after you receive this message your account is not confirmed we reserve the right to suspend your Amazon registration. If you received this notice and you are not the authorized account holder, please be aware that it is in violation of Amazon policy to represent oneself as another Amazon user. Such action may also be in violation of local, national, and/or international law. Amazon is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the intent to commit fraud or theft. Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the full extent of the law.

To confirm your identity with us click here:
https://www.amazon.com/exec/obidos/xxxxxxxxxxxxxxx

After responding to the message, we ask that you allow at least 72 hours for the case to be investigated. Emailing us before that time will result in delays. We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter.
Thank you for your interest in selling at Amazon.com.

Amazon.com Customer Service
http://www.amazon.com
This message and any files or documents attached may contain classified information. It is intended only for the individual or entity named and others authorized to receive it. If you are not the intended recipient or authorized to receive it, you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately then delete it from your system. Please also note that transmission cannot be guaranteed to be secure or error-free.


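In fact, I had once had my credit card used fraudulently (not on Amazon, just to be clear), so I thought "not again" and clicked the URL given under "To confirm your identity with us click here" (note that I have slightly altered the URL for this blog). The following site then came up.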

http://www.amazon.com.437663.0023dneea.com/exec-obidos/signin.php?exec/obidos/flex-sign-in/ref=gw_hp_si/103-3177084-7567864?opt=a&page=recs/sign-in-secure.html&response=tg/recs/recs-post-login-dispatch/-/recs/pd_rw_gw_ur/ref=192930_1/3-3&ref=am&emaddr=
Note: the site above is a scam site, so never enter your own e-mail address, password or other information there.

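At a glance this password entry screen looked exactly like Amazon.com, but my sixth sense told me something was off: the font seemed a little too large, and compared with the screen I'm used to, something about it felt vaguely wrong. Then I looked at the URL, which read http://www.amazon.com.437663.0023dneea.com/xxxxx, and thought, "Hang on, this isn't the URL I just clicked. This is fishy," and my bad feeling grew stronger. When I googled the sender, payments-messages@amazon.com, sure enough: phishing (impersonation fraud on the web). If I had gone ahead and entered my password without noticing, I'm sure it would have led to real damage. In short, it was some brazen crook passing himself off as Amazon.com.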
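The two warning signs above (the link shown in the mail differs from the page actually loaded, and "www.amazon.com" is only the leading part of a hostname that belongs to 0023dneea.com) can be checked mechanically. This is an added example, not part of the original post; the function names, the finding labels and the tiny suffix set are assumptions made so it runs offline.

```python
from urllib.parse import urlsplit

# Assumption: tiny constructed suffix set so the example runs offline.
# Real tooling should load the full Public Suffix List instead.
MULTI_LABEL_SUFFIXES = {"co.jp", "co.uk", "com.au"}

# Sample input taken from the post: the link shown in the mail and the
# page that actually loaded (path shortened).
SHOWN = "https://www.amazon.com/exec/obidos/xxxxxxxxxxxxxxx"
TARGET = "http://www.amazon.com.437663.0023dneea.com/exec-obidos/signin.php"
TRUSTED = {"amazon.com"}


def registrable_domain(host):
    """Return the label just left of the public suffix, plus the suffix."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def host_of(url):
    """Hostname of a URL; urlsplit strips any "user@" part and the port."""
    return urlsplit(url.strip()).hostname or ""


def check_link(shown_url, target_url, trusted):
    """Compare the link shown in a mail with the URL actually loaded."""
    findings = []
    target = host_of(target_url)
    target_reg = registrable_domain(target)
    if registrable_domain(host_of(shown_url)) != target_reg:
        findings.append("shown-vs-target-mismatch")
    if target_reg not in trusted:
        findings.append("untrusted-registrable-domain")
        # A trusted name used only as leading labels of someone else's domain.
        if any(f".{t}." in f".{target}." for t in trusted):
            findings.append("trusted-name-in-subdomain")
    if urlsplit(target_url).scheme != "https":
        findings.append("no-tls")
    return findings


if __name__ == "__main__":
    print(registrable_domain(host_of(TARGET)))
    print(check_link(SHOWN, TARGET, TRUSTED))
```

The point of `registrable_domain` is that a hostname is owned from the right: everything to the left of `0023dneea.com`, including `www.amazon.com`, is chosen freely by whoever controls that domain.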


Everyone, please be careful not to get hooked.