By Somali K Chakrabarti
We keep hearing about cyber hacking, malware and scams such as phishing , but it hits us the most when the security of our own site or our copyrighted material is compromised upon. I am sharing with you how my kindle book ‘Lei : A wreath for your soul’ recently became the target of a phishing scam.
I was startled when I noticed that ‘Lei : A wreath for your soul’ was available free for download on a particular website. To my utmost surprise the website also carried some reviews of my book along with comments from users who had downloaded the book. The screenshot is attached below.
As you can see in the first screenshot, the site owner has claimed that the book is available in word, ppt, epub and mobi versions as well. Clicking on the download link took me to another link where a pdf version was available for download.
Reporting the Problem
The immediate recourse that I took was to report the problem to Amazon, as I have opted for KDP Select program, which requires me to place the digital book exclusively on kindle.
To remove the site from search results, I reported the problem to Google, using the link Removing Content From Google and found it to be a cumbersome process.
After a day I heard back from Amazon saying that they have taken extensive measures to ensure the files remain secure through their services, and have not provided the files to them. They suggested that I contact the website.
This didn’t solve my problem, but their warning that it could be a phishing site, exposed me to the possibilities of a phishing attack.
Phishing, typically involves a fraudulent website that solicits personal, confidential, and financial information. The owner or the “phisher” persuades people to visit the site. Though phishers succeed in only a few instances, but the substantial rewards they can reap from even a single victim and the ease with which they can simultaneously launch numerous attempts makes this criminal activity lucrative.
Such sites operate in different ways. They may upload content and then ask for money to remove the content. They may also list content they do not have and offer “free downloads” as a way to entice customers into providing secure customer information.
I discussed the issue with my friend and co-blogger Lata Subramanian, who also suggested me to contact the website, confirm my rights and ask for removal of the content, which I did. She also advised that is better to have separate email ids for bank transaction and for use on social media.
The incident reiterates the importance of not disclosing any private information, including a credit card, to any suspicious website.
I wanted to spread the word around. The site is still up and running.
Please beware of phishing attacks.
As an update to this post , wanted to share that finally, after 10 days of filing the complaint with Google, I have received an email from Google that in accordance with the Digital Millennium Copyright Act, one of the urls (fusiontable) will be disabled and the other will be removed from Google search results.
The month ends on a happy note.
If you like this post, please consider following the blog.
Please like, share and/or leave feedback in comments below!