Common Amazon Phishing Scam Getting Traction

It seems there is an uptick in a common phishing scam at the moment. Some people are reporting seeing several notices from a very popular online retailer that claims a recent order placed has been cancelled. Fortunately, the scammers put in all the necessary information making it very easy for the users to simply click a link to check up on the order and give away login credentials at the same time. However, they also make it easy to see that it’s a fake.

The email messages come with a “primitive” looking type stating that a recent order placed with Amazon was cancelled. It even has the description of the item included, which likely isn’t something the user ordered. When a popular movie or music album is released, for example, it’s common to see phishing spam with those purchases listed in emails like this one. The sender email appears as if it is from Amazon, but if you look at the actual address, it replied back to an “amazoncomrade.com” email.

The point of this poorly done scam isn’t necessarily to convince anyone that it is indeed real. It is trying to scare people into thinking someone acquired their credentials. The hope of the attackers is that users will quickly click the included link and enter actual Amazon credentials.

Always take a few minutes to think about such messages if they do manage to make it past your spam filters and into the inbox. There is no reason what-so-ever that an extra few minutes will make a difference. If you want to verify your orders, log in to your account directly from the site and make sure they reflect what they should. Don’t click links or attachments to verify account information, regardless of who the sender appears to be. Even if you are 95% sure it’s legitimate, don’t take chances. Just go to the site from a previously safe bookmark or another way you know is 100% safe.

© Copyright 2017 Stickley on Security