HackRead has discovered an insidious phishing scam that’s trying to trick Amazon customers into forking over their account credentials, personal information, and financial details. The phishing emails claim to be notifications from Amazon informing the recipient that they need to update their information within twenty-four hours or their account will be permanently disabled.
When a victim clicks the “Update Now” button in the email, they are taken to a convincing but fraudulent imitation of an Amazon login page. After the victim enters their credentials, the phishing page will present a form for them to input their name, address, city, state, ZIP code, phone number, and date of birth. Next, they’ll be asked to provide their credit card and bank account information.
Finally, the phishing site informs the victim that their account has been recovered and says they’ll be automatically logged out. The victim is then redirected to the real Amazon website.
Why the Scam Works
This social engineering scam is preying on a heightened sense of urgency. They are counting on you getting worried and quickly acting without thinking it through.
The email has several red flags like typos and bad grammar, but even if the emails are perfect—which they often are these days—it is a bad idea to click on the link in the email. Always go directly to Amazon using your web browser and see if your account has any notifications.
Please remember to Think Before You Click.
If you need help with cybersecurity contact DarkHound at [email protected]
Image Source: https://www.pexels.com/photo/two-brown-pencils-907607/