Need Phishing help, kinda important


Sep 30, 2013
My mom calls me up and tells me that she received this email from Amazon that told her that her account was blocked, and she went to a phishing site and entered in her username and password. So at this point I thought "okay, well we can work through that, just go through and change your Amazon password and maybe even email address, and go through and change any accounts that have that email address and also any accounts that have a similar password or username to that email address".

Then she tells me something that makes my face turn a bit white. She also entered in her real name, address, and phone number into the site.
This is all the crap she gave away (Note that this site's obviously dangerous and you shouldn't put your crap in; but as far as I could tell, it doesn't do any ajax-based sending, so it only sends something if you actually submit the information):
The part before details.php (ie if you cut that out) takes you to a page with an Amazon login lookalike. I'm not sure why they bothered with AES encoding and obfuscating the page source, there was really no point; there's nothing special to it. Since encoding is all javascript-based, decoding is as simple as changing the document.write line to putting it into a textarea. There's also nothing special to the page source itself, as it doesn't seem to do AJAX sending... if I was designing this attack site, I would have had it phone home even with partial form information (in case someone decided to back out). I guess they were lazy. I did all this inspection (well most of it) with Sandboxie running.

Frankly, I'm not sure what all people can do with the information she gave away. That's the main thing I need help with. She called up her bank for now, and she's obviously changing her passwords. She also froze credit line opening. Thankfully the site comes just short of having her enter her Social Security number, so they don't have that... but the rest of it is kinda bad. You folks got any ideas? I'm sure some of you are more experienced than me in the fraud department.

I probably should have trained my parents a bit better, but I thought that she of all people would have more common sense than this...


Jun 10, 2015
I'm not sure I'd worry about it too much, as real name, address, and phone number for every person is widely available in public information sources. She probably is going to get a lot more junk mail now and telemarketing calls, but I can't see anything more being done with the information, with the exception of the Amazon account.