Jump to content
Sign in to follow this  
MainSpring

Amazon phishing scam reported; targeting credit card information

Recommended Posts

MainSpring

Recently, the news platform HackRead reported that a new Amazon phishing scam is circulating that is designed to trick the victim into handing over their personal and financial information.

The email claims that there was suspicious activity on the account, and it urges the user to reset their login and credit card information within 24 hours, or the account will be deactivated. The email is formatted with Amazon’s logo, and it claims the email is from Customer Support. It even uses a layout and font style that simulates real Amazon emails.

AdobeStock_41908523-1200x900.jpeg

If a user clicks the “Update Now” button in the email, they’ll be taken to a convincing imitation of an Amazon login page. After they enter their login credentials, the phishing page will display a form asking for their name, address, city, state, ZIP code, phone number and date of birth. Next, the user will be asked to provide their credit card and bank account information.

Once that information is entered, the phishing site informs the victim that their account has been recovered and says they’ll be automatically logged out. The victim is then redirected to the real Amazon website.

The email has several red flags like typos and bad grammar, but, even if the emails are perfect—which they often are these days—it is always a bad idea to click on the link in the email. Instead, you should go directly to Amazon using your web browser and see if your account has any notifications.

Protect your organization with security awareness training

Phishing scams are on the rise. In fact, about 83% of organizations confirm that they were targeted by a phishing attack in 2018—a 7% increase from 2017. With these overwhelming statistics, it’s imperative for organizations to start focusing on how to better secure their business from cyberattacks.

At MainSpring, we recommend building up your last line of defense: your end users. The Automated Security Awareness Program (ASAP) offers new-school security awareness training that will teach your employees to recognize red flags before they fall victim to a phishing attack.

View the full article

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  



×
×
  • Create New...

Important Information

Terms of Use