Scam Of The Week (January): Shoppers Targeted with Amazon Phishing Email

The January sales offer the perfect opportunity to bag a bargain. However, the impulsivity and frantic rush of sales can also make some people act without giving it a second thought.

Fraudsters often exploit this situation and impersonate popular, well-known brands and trick victims into divulging their personally identifiable information. The Amazon January sale offers huge online clearances, and with over 300 million active users, Amazon is a prime target for cybercriminals.

A phishing email appearing to come from Amazon is making the rounds and informs recipients that their Amazon account has been locked and their pending orders halted. The email persuades victims to verify their account details and provide their credit card information to resolve the issue.

The phishing email features the Amazon logo and informs recipients that the billing information on their Amazon account ‘does not match the information on file with the card issuer’.

The email then claims that recipients must verify their details including, billing name, address, and phone number. It attempts to provoke victims by threatening that their orders will be cancelled unless their account is verified within 3 days. This tactic is designed to prey on the anxiety of shoppers who are desperate to snap up deals and discounts while they are still available.

To resolve this issue, the email encourages recipients to check and update their account information by clicking a button. The button, however, contains a masked link and directs victims to a malicious landing page that resembles the Amazon login page. Here victims are asked to update their account details.

By entering such sensitive information, victims are unknowingly giving their personal and credit card information over to fraudsters. Not only can this information grant access to the victims’ online accounts, but they can also be resold on the dark web. The link may also contain malicious software and download a virus or malware onto the victim’s device.

Around 96,000 people reported that they were targeted by Amazon-related scams between July 2020 and June 2021.

Here are 7 simple steps to help you protect yourself against these phishing threats.

1. Use a full-service internet security suite

2. Use strong passwords

3. Keep your software updated

4. Manage your social media settings

5. Strengthen your security on Wi-Fi

6. Keep up to date on major security breaches

7. Take measures to help protect yourself against personal information theft

Source: MetaCompliance

Solution: Speak to GB3s Security Team about completing phishing assessments

Contact Us: Here to help

51 views0 comments