X
Tech

Amazon Kindle eBooks targeted by scammers

eBooks have one feature that can't be found in print: the ability to have live hotlinks embedded in the text. And that presents an open field for scammers.
Written by David Chernicoff, Contributor

With somewhere on the order of one million titles available through the Amazon Kindle store, you can be assured that there is likely something for everyone's reading tastes to be found. You can be equally sure that no one at Amazon has read every title on their virtual shelves.  Nor should they have to; while history is replete with incidents of people trying to bowdlerize the content of reading material, there have always been bookshops that were willing to fight the good fight and make available content that some segment of society has found objectionable.

But eBooks have one feature that can't be found in print; the ability to have live hotlinks embedded in the text.  And while, for the moment, e-readers have only minimal browsing capabilities, every major e-reader has an app that can run on your phone or computer.

Now I'm not concerned that publishers are embedding malicious hotlinks in their text; my tinfoil hat isn't quite that tight, but the Kindle store also supports a thriving community of what used to be called "vanity" publishing.  Self-publishing your books to the Kindle store is now easily done, as was outlined by our Larry Dignan back in January.  And the issue here is that the eBook can contain more than just text.

This was brought to my attention, in a very annoying, but much less malicious fashion. At my fiancée's request, I downloaded a wedding related Kindle eBook that focused on something she's interested in.  It turned out to be a 10 paragraph common sense list that had very little to do with the topic, but also had a bunch of hotlinks to a "special bonus for kindle readers" which linked to a scam ‘change your life if you read this free document' site with a "charge me for a subscription every two weeks" poorly disguised link.

The eBook is completely valueless, unless you possibly need to pay for advice that tells you to make sure your wedding venue is large enough for your guests, the links are a scam, and this one "author" has about two dozen of these titles, at $2.99 each, all of which have the same vague content description (which I didn't realize until I did a little research after discovering the content of the eBook I purchased),  listed on Amazon. So not only does buying this Book open you up to being scammed, you also get the added joy of paying someone to take a shot at scamming you.

Based on Larry's Kindle publishing experiment blog, I expected something that fit the guidelines that were mentioned, at least in terms of length (10-30K words), with content that had seen some sort of approval process.  Instead I got a thousand words of vacuous advice and hotlinks to online scams.

Amazon quickly refunded my eBook purchase price after an email to customer service, so I suffered no harm.  But I realized that other buyers of this tripe might not be so fortunate.  You need access to a computer to request a refund and it needs to be done within 7 days.  And for less than $3 there are quite a few people who would simply chalk it up as a learning experience. But the links embedded in the document could just as easily have gone straight to a malware loaded site that relied on social engineering, an extremely successful technique, to get you to click on something that you shouldn't.

When I contacted Amazon about these issues their spokesperson first clarified that while Larry's article had been about self-publishing a Kindle Single, the eBook in question was not a Single and that singles do all require a certain length and price, and are editorially curated.  They have their own special Kindle store found here. (www.amazon.com/kindlesingles)

Amazon also let me know that they have a process in place to identify problematic content, which included customer feedback, and upon evaluation, the title that I had purchased had been removed from the Kindle store. However, there still remain 23 eBooks by the same author, all with the same vague Editorial Description, and all likely to have similar useless content and hotlinks that I found in the one I had purchased. Update: Amazon has removed all titles by this author.

Although I don't expect Amazon to employ a corps of readers to evaluate the content of the eBooks that are found throughout the Kindle Store, it might behoove them to disable the ability to hotlink content from within these documents to minimize their potential as a vector for malicious software attacks.

Editorial standards