Amazon Doesn't Owe You Money; It's Ransomware

August 5, 2016

Amazon is a big company, and that makes it a very attractive lure for hackers to use on victims. The company has over 300 million active customer accounts and did over $100 billion in sales last year. So when customers get email from Amazon, it probably doesn’t strike them as odd. But now, a phishing scam is resurfacing that may cost you more than a snazzy pair of shoes on your “recommended for you” list.

The email messages state that a system error caused the customer to be double charged for an item and a refund process was initiated. A link or attachment is included that supposedly confirms the billing address. A refund is promised in a few days after validation. However, that link or attachment contains ransomware.


It looks like it could be real, but on closer inspection mistakes can be spotted, such as minor typos, a missing period, or perhaps an extra space between two words. The biggest sign of a scam is the link itself. When you hover over it with your mouse, it is clearly not an Amazon.com URL. Be sure to review all email messages carefully and follow good practices to avoid being hooked by these scams:

  • Avoid clicking links in email messages, especially when you are not sure they are safe and/or are not expecting them. Instead, go directly to your online account by typing in the address you know to be correct or clicking a previously bookmarked link. If a refund is owed, it’ll be in there.
  • Look closely at the messages for typos and other errors. While the scammers are getting better at making them look legitimate, they often still make mistakes that give them away.
  • Use anti-malware software on all internet-connected devices, regardless of what operating system they are running. All of them are vulnerable to ransomware and other malware. Keep the software updated.
  • If you have the option of using multi-factor authentication on your sensitive accounts, or any account where you store sensitive information, take advantage of it. This could mean having a one-time code sent to you via text that you enter into a field before it’ll authenticate you, or it could be a key fob type device with a randomly generated number. There are other methods, but it could be anything that requires something in addition to a password or PIN before giving you account access.

Should ransomware strike you, don’t pay the ransom. Instead, take a proactive approach and do regular backups of your important documents and files. Keep the backup copies separate from your computers or mobile devices. You can always restore from one of those should the need arise and avoid losing your money and putting it into the wallets of the hackers.

© Copyright 2016 Stickley on Security