{"id":95555,"date":"2020-10-22T21:35:40","date_gmt":"2020-10-22T18:35:40","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/watch-out-for-this-new-amazon-email-phishing-scam\/"},"modified":"2020-10-22T21:35:40","modified_gmt":"2020-10-22T18:35:40","slug":"watch-out-for-this-new-amazon-email-phishing-scam","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/watch-out-for-this-new-amazon-email-phishing-scam\/","title":{"rendered":"#Watch Out For This New Amazon Email Phishing Scam"},"content":{"rendered":"

“#Watch Out For This New Amazon Email Phishing Scam”<\/strong><\/p>\n

\n
\"Amazon
Justin Duino<\/span><\/figcaption><\/figure>\n

Scam artists are getting so good at creating realistic-looking phishing emails that some are getting past Gmail\u2019s spam filters. Although most of us have been trained to spot suspicious email messages, some (like the one above) look like they could be from companies like Amazon.<\/p>\n

Bad actors posing as companies you do business with is nothing new. If you look at your spam folder right now, chances are that you\u2019ll see emails claiming to be from your cellphone carrier (T-Mobile, Verizon, AT&T, etc.) or a large retailer (Amazon, Best Buy, Target, etc.).<\/p>\n

In this case, we received an authentic-looking email pretending to be a support ticket from Amazon. The message claims the company is having issues authorizing a purchase and needs us to re-enter our billing information. As this phishing attempt arrived leading up to the holiday shopping season, it\u2019s easy to see why someone might instinctually trust the email\u2019s legitimacy.<\/p>\n

Thankfully, if a similar phishing email ends up in your inbox, there are a couple of easy ways to identify it as spam.<\/p>\n

RELATED:<\/strong> What Should You Do If You Receive a Phishing Email?<\/em><\/strong><\/p>\n

But before we dig into this particular phishing attack, know that we\u00a0DO NOT<\/strong> recommend you open any email that you suspect to be spam or click on links found within the message.\u00a0Instead, immedia<\/a>tely report the email, mark it as spam, and delete the message.<\/p>\n

The first thing you should always check before clicking or tapp<\/a>ing links in an email is the sender\u2019s email address. Although the address can be spoofed, in our case, it wasn\u2019t. Combined with the sender\u2019s name appearing as \u201cDonna Hughes\u2019s First Site\u201d and odd spacing in the email\u2019s text, it\u2019s easy to tell something isn\u2019t quite right, but only if you slow down and look at the fine details first.<\/p>\n

\"Amazon<\/p>\n

What\u2019s interesting\/scary about this phishing attempt is that the bad actor is trying to steal multiple pieces of information in one attack. Once you click through the email to update your payment method, you\u2019re asked to sign in to your Amazon account. Although this site might look like Amazon\u2019s website, it\u2019s not. You will find the completely incorrect URL at the top of the screen.<\/p>\n

As you can see from the screenshots, we entered a false email address and password. Whoever created the scam is using this step to steal your Amazon credentials.<\/p>\n

We were then taken to a realistic Settings page that claimed we couldn\u2019t access our Amazon account until we updated our billing information. If we actually entered our information, the perpetrator would have our mailing address, phone number, and credit\/debit card number.<\/p>\n

\"Amazon<\/p>\n

The cherry on top of this entire scheme is the attempt to steal your login information for your email account. The fake website claims it wants to link your email to your Amazon account, but instead, you\u2019d be giving whoever sent the message the keys to your private emails and possibly also your Google account.<\/p>\n

To reiterate, you should never click on a link that you\u2019re suspicious of or think might be spam. And if you do, don\u2019t enter any personal or credit card information. Instead, close any tabs or windows that were opened, mark the message as spam, and permanently delete the email.<\/p>\n

Be safe, and don\u2019t click on any links that appear even remotely insecure.<\/p>\n

RELATED:<\/strong> How to Spot a Text Message Scam<\/em><\/strong><\/p>\n<\/div>\n