It always amazes us that people have so much time to create a computer virus or phishing scam, yet they do not have the time to create something legitimate that could continue to bring them a decent income. They never think about the fact that it takes more effort and energy to be deceptive than it does to be genuinely creative.
This one looks so real and does not make the usual outlandish promises that it almost escaped our detection. Usually a scam, or bogus email, is easy to figure out. The sentences are poorly worded, or they make offers that are too good to be true.
Email Survey Scam is not from Amazon.
This email promises a reasonable, or believable, amount of cash compensation for participating in a survey from Amazon. After all 10 pounds sterling is not really a huge amount, but just enough to cause the intended victim to say "Sure why not!".
But after taking the usual minute to sniff this one out we see that the sending domain is (notice-amazon.com) which immediately raises a "red flag" for us. Upon searching the domain we uncovered this information:
Domain Name: notice-amazon.com
Registry Domain ID: 784597598_DOMAIN_COM-VRSN
Registry Registrant ID:
Registrant Name: Web Admin
Registrant Organization: Ebills Online Services
Registrant Street: Río Lerma 299 Oficina 1902
Registrant City: Mexico
Registrant Postal Code: 11560
Registrant Country: MX
Since Amazon is not based out of Mexico we began to smell a rat.
The final clue came when we hovered over the link and it gave us a link that takes you to a PHP page with a query string (question mark in the address) which means it will prompt some sort of action once you call that page up.
Avoid being an email victim
Whether the link will seek to simply farm your email address, or plant a trojan on your computer, never click on a link you are not sure of. While this sounds like common sense, it is obvious not everybody heeds this information because scammers continue to find crafty ways to convince people to click links.
The best thing to do with any suspect email is to simply delete it immediately. Avoid the temptation to tell the scammer off in a response email, because all you are doing is verifying that your email address is active.
Keep your wits about you, and slow down while browsing your email inbox.