Claim: Scam traps the unwary into giving up their AOL information by telling them roses have been ordered through 1-800-Flowers.
Example:[Collected on the Internet, 2003]
Dear AOL Member,
There has been a purchase added to your AOL account on September 15, 2003. This purchase took place at 1-800-Flowers.com. If this order was unauthorized and you would like to cancel, please Click Here. Below is listed information about your order:
Product - Love's Embrace Roses
32 dozen long stem red roses
Price - $29.99
Shipment Type - 3-5 Day Ground
Shipping and Handling - $7.99
Total Price - $37.98
Origins: Yet again the unwary are being duped by con artists into giving up their personal information via a ruse. In this case, the targeted are jolted by an e-mail notification of a charge made to their credit cards through America Online for flowers they didn't order, with the shock somewhat mitigated by the simultaneous offer of a way to fix the mistake by clicking a link and filling out a form. The ill intentioned behind the scam count on their victims' overriding sense of panic to impel the less-than-careful into rushing willy-nilly into taking the route offered, which is a clickable link that takes the scam's dupes to a fraudulent web site where their sensitive data is harvested or from which they acquire a virus by following instructions and downloading a dangerous program into their computers.
But of course there never was such a charge — that part was pure lie, with the name 1-800-Flowers thrown into the mix to lend believability to the attempt at data mining.
According to a statement provided by AOL in response to a query about the scam:
You should always remember, for a mail to be official, all three attributes - the blue envelope icon, the blue border, and the AOL seal - must be present. And as always, AOL staff will never ask for your password
or billing information.
The e-mail you have received was not an Official AOL Mail. It is a scam disguised as an e-mail announcing that you have ordered some Flowers from 1-800 flowers.com.
The hyperlink [contained in the e-mail message] leads to a Web page that asks you to either enter your
screen name and password, or download files to your computer. If you enter information, it is sent to the scammer, who can then sign on to your AOL account, read your e-mail, or violate AOL's Terms of Service and eventually cause your account to be terminated. Files that you downloaded
from these Web sites contain computer viruses or Trojan Horse programs that have been designed to steal your AOL password.
If you should have any additional questions regarding online security and want to learn more about features AOL offers to help you have a secure online experience, please go to Keyword: AOL Neighborhood Watch.
Please remember that no e-mail from AOL will ask you for your password or billing information or contain links that take you to sites requesting that information