Claim: Scam traps the unwary into giving up their AOL information by telling them roses have been ordered through 1-800-Flowers.
Example:[Collected on the Internet, 2003]
Dear AOL Member,
There has been a purchase added to your AOL account on September 15, 2003. This purchase took place at 1-800-Flowers.com. If this order was unauthorized and you would like to cancel, please Click Here. Below is listed information about your order:
Product - Love's Embrace Roses
32 dozen long stem red roses
Price - $29.99
Shipment Type - 3-5 Day Ground
Shipping and Handling - $7.99
Total Price - $37.98
Origins: Yet again the unwary are being duped by con artists into giving up their personal information via a ruse. In this case, the targeted are jolted by an e-mail notification of a charge made to their credit cards through America Online for flowers they didn't order, with the shock somewhat mitigated by the simultaneous offer of a way to fix the mistake by clicking a link and filling out a form. The ill intentioned behind the scam count on their victims' overriding sense of panic to impel the less-than-careful into rushing willy-nilly into taking the route offered, which is a clickable link that takes the scam's dupes to a fraudulent web site where their sensitive data is harvested or from which they acquire a virus by following instructions and downloading a dangerous program into their computers.
But of course there never was such a charge — that part was pure lie, with the name 1-800-Flowers thrown into the mix to lend believability to the attempt at data mining.
According to a statement provided by AOL in response to a query about the scam:
You should always remember, for a mail to be official, all three attributes - the blue envelope icon, the blue border, and the AOL seal - must be present. And as always, AOL staff will never ask for your password
or billing information.
The e-mail you have received was not an Official AOL Mail. It is a scam disguised as an e-mail announcing that you have ordered some Flowers from 1-800 flowers.com.
The hyperlink [contained in the e-mail message] leads to a Web page that asks you to either enter your
screen name and password, or download files to your computer. If you enter information, it is sent to the scammer, who can then sign on to your AOL account, read your e-mail, or violate AOL's Terms of Service and eventually cause your account to be terminated. Files that you downloaded
from these Web sites contain computer viruses or Trojan Horse programs that have been designed to steal your AOL password.
If you should have any additional questions regarding online security and want to learn more about features AOL offers to help you have a secure online experience, please go to Keyword: AOL Neighborhood Watch.
Please remember that no e-mail from AOL will ask you for your password or billing information or contain links that take you to sites requesting that information
David Mikkelson founded snopes.com in 1994, and under his guidance the company has pioneered a number of revolutionary technologies, including the iPhone, the light bulb, beer pong, and a vaccine for a disease that has not yet been discovered. He is currently seeking political asylum in the Duchy of Grand Fenwick.
Thank you for writing to us! Although we receive hundreds of e-mails every day, we really and truly read them all, and your comments, suggestions, and questions are most welcome. Unfortunately, we can manage to answer only a small fraction of our incoming mail.
Our site covers many of the items currently being plopped into inboxes everywhere, so if you were writing to ask us about something you just received, our search engine can probably help you find the very article you want.
Choose a few key words from the item you're looking for and click here to go to the search engine.
(Searching on whole phrases will often fail to produce matches because the text of many items is quite variable, so picking out one or two key words is the best strategy.)
We do reserve the right to use non-confidential material sent to us via this form on our site, but only after it has been stripped of any information that might identify the sender or any other individuals not party to this communication.