Monday, November 29, 2004

spoof an online ecommerce operation?

Just in time for the holidays: A fellow I know might have been spoofed, or phished, or whatever it is via those oddball coupon sites for major vendors. Maybe someone reading this can say if they've ever seen anything like it. If not, this might be considered a cautionary tale:

Last week I sat and watched Eddie order a new desktop from Dell.com. Except at the last moment, he looked for those time-sensitive coupons to save a few bucks. He googled, and found a site that had what appeared to be legitimate Dell coupon offers, but when he clicked on them, instead of getting a coupon number to enter on Dell's site, he landed on a perfect replica of Dell's customized order page, with the coupon number already inscribed where it was to go. It looked for all the world like a legitimate affiliate site.

He selected the features he wanted, gave his credit card, etc. A short time later, he received an "acknowledgement" that had all the branding, graphics, fine print of Dell emails, along with every detail of his order, the right specs and prices, etc., but curiously no order number, no customer number, no estimated ship date. I.e., nothing that would enable him to reference the order. All these things were promised to arrive within a day with a confirmatory email.

None arrived. Today he called Dell, and after more than 90 minutes with two reps, all he know was that Dell had no record of his order, and says its acknowledgments always have some unique identifier.

Was he spoofed? It's being checked.

We've both ordered from Dell before, never a problem. But this coupon-clone site was strange. Is it now practicable for a spoofer to clone a major vendor's order sheets, and its acknowledgment email, thus capturing credit card info?

Fortunately Eddie's card hasn't been charged, and he's making sure it won't be. He's also sent the peculiar acknowledgment to Dell for a look. But anyone who's heard of comparable scenarios is implored to drop an email or a comment, gracias.

Update: After three Dell reps failed to locate Eddie's order, a fourth did. The cause of the mystery, as one can imagine, remains obscure. The paranoia level around here has been lowered to aubergine. Still, the possibility of some bizarro coupon hijacking of this sort - in theory - has not been disproved. It just seems not to have happened here.

2 Comments:

Anonymous Anonymous said...

I just recieved a spoof of a Dell ad from dhs@dell.m0.net with all links going to that domain. I see noting at that domain so it may have been killed before the message ever got to me.

3/31/2005 1:00 PM  
Anonymous Anonymous said...

I have a subscription to your Dell Direct Deals sending e-mails to my site at school. My account #XH9W53SZPQGV1Z. I want to unsubscribe from this account. I do not want anymore e-mails sent to me.Please notify me that has been care of. Thank you.

9/23/2005 10:47 AM  

Post a Comment

<< Home