A new Amazon phishing scam email is circulating, that tricks users into handing over their personal as well as financial information including credit card information to online crooks.
Usually, Hackread covers phishing scams identified and alerted by cyber security companies but in the latest one, the targeted scam was aimed at my supposed Amazon account. It is not surprising since the targeted email account (a dummy one based on Hotmail) was part of several data breaches and scammers tend to target such emails thinking that once a fool, always a fool.
The phishing scam works like this: The victim receives an email supposedly from Amazon informing them about suspicious activity on their account. The confusing subject of the email is in English and French language stating that “Fw: [Monthly Statement Added] Confirmation notice: information activity on Wednesday 13 September 2019 #JLQUUUNZ/ Confirmation changer le mot de passe de votre compte JLQUUUNZ- Friday, September 13, 2019.”
The French text according to Google Translate means “This is to confirm that your password has been changed.”
Apparently, the crooks are trying to convince victims that someone has changed the password of their Amazon account. The email content itself comes with the following text:
Hello Dear Customer, We have faced some problems with your account, So please update your account details. If you do not update your account within 24 hours (from opening this email) will be officially permanently disabled. We hope to see you again. Amazon.com.
A full preview of the phishing email is available below:
As shown in the above screenshot; the email then asks victims to click on “Update Now” to “save” their account from being “permanently disabled.” Upon clicking the update tab, the victim is taken on authentic-looking Amazon sign-in page asking for their login email or phone number and password.
The next step after stealing login credentials is asking for the victim’s billing address which contains personal information such as country, full name, physical address, state, province, region, ZIP code, phone number, and date of birth.
Upon clicking the update tab, the victim is taken to another authentic-looking Amazon page that asks for their financial information including their name, credit card number, its expiration date, CVV code, bank account number and sort code.
Once the victim ends up sending their financial information, they are taken to another page notifying them that their account has been recovered and clicking next redirects them to the original Amazon website.
The phishing scam is being hosted on a domain that was registered in August, 2019. According to Who.is, the domain [wadwa-wmdw(dot)com] was registered on 2019-08-22 on a Toronto address which can be fake since address authentication is not required during domain registration.
At the time of publishing this article; the Amazon phishing scam was up and running however I have reported it to Amazon and Google. Nevertheless, phishing scams are growing in popularity and they are a common cause of identity theft. It doesn’t matter how experienced you are when it comes to the internet, it is easy to click on a link without knowing if you can trust the source or not.
The only way you can truly prevent a phishing scam is if you are vigilant of everything you click on but other than that, you’re on your own. If you are looking for more tips that will better protect you while browsing, have a look below:
Never reveal your personal information, avoid clicking on links in emails, only browse websites you trust and use internet security software. Addiontaly, you can also scan malicious links or files for free on VirusTotal.com. For Amazon customers, the company provides tips on how to identify whether or not an email, web page, or phone call is actually from Amazon on its website. Stay safe online!