When it comes to online retail, Amazon.com is a major player. One comScore study showed that Amazon Sites had the largest global audience among the retail and auction sites it analyzed, with more than 282 million visitors in one month, representing 20.4 percent of the worldwide audience. Unfortunately, cybercriminals are very aware of this and are using the Amazon brand in their latest phishing scam.
Phishing is when a scammer pretends to be a trusted organization, such as your bank, doctor’s office, or a company you’ve done business with, and tries to get personal information from you in order to steal your money or even your identity. Phishing has become extremely widespread in recent years.
The latest phishing scam appears to be from Amazon.com and confirms the processed order of an HD TV or other item, but shows that it is being shipped to an address that is not the customer’s. The “phisher” wants the recipient to see the wrong address and click on one of the links in the email, such as ‘Your Order’ or ‘Merchant Contact Form’, to get the problem corrected. Links in phishing emails contain malicious viruses that capture passwords and private information from the computers or devices used.
As you can see from the image, this particular phishing email has some telltale signs of phishing: misspellings, and a “From” email address with no indication that it’s from Amazon. Other phishing scams aren’t so obvious, though. A recent one that pretended to be from Verizon Wireless had the exact same graphics, fonts, and phrasing one would normally see in an email from Verizon. The email also appeared to be from Verizon, but it wasn’t.
The Better Business Bureau (BBB) brand itself has also been used in phishing scams, especially in the past year. Fraudulent emails appear to be about a complaint filed against you with the BBB and prompt recipients to click on a link to see the complaint.
Your best defense against phishing scams is to always verify that the email really is from the sender it appears to be from, and not to click on any links unless you trust the sender. If you do accidentally click on a link in a phishing email, run your computer’s antivirus software to hopefully catch the virus before it downloads onto your system.
What phishing scams have you come across? Were they via email, phone or text? Do you think phishing scams will heat up as the holiday shopping season gets busy? Tell us your experiences…










Amazon has been a target for a long time as one of the scam platforms, and as for why, the stats in the article answer that:
“Amazon Sites had the largest global audience among the retail and auction sites it analyzed, with more than 282 million visitors in one month, representing 20.4 percent of the worldwide audience.”
Just a small precautionary measure: it is always advised to check the domain from which the email was generated, i.e. the @xyz.com thing. It should always be @amazon.com, because an employee from Amazon will always use that email domain to communicate with you, nothing else like @gmail.com or @yahoo.com or @amaazon.com etc.
Here is a scam email I received, full message and body. This is an email address I haven’t used for years…
Return-Path:
Received: from deliver ([unix socket])
by spool-host10.tpgi.com.au (Cyrus v2.4.13) with LMTPA;
Fri, 07 Dec 2012 04:08:19 +1100
X-TPG-Junk-Checked: Yes
X-TPG-Junk-Status: score=11.6 tests=DCC_CHECK,HTML_MESSAGE,RCVD_IN_PBL,RCVD_IN_XBL,RDNS_NONE,SARE_FORGED_AMAZON,SARE_MILLIONSOF,URIBL_WS_SURBL
X-TPG-Junk-Level: ***********
X-TPG-Antivirus: Passed
X-TPG-DNSBL: Passed
X-TPG-Abuse: host=[5.248.19.156]; ip=5.248.19.156; date=Fri, 7 Dec 2012 04:08:17 +1100
Received: from [5.248.19.156] ([5.248.19.156])
by mx1.tpgi.com.au (envelope-from vaccinatesbu@cascade.oostrozebeke.com) (8.14.3/8.14.3) with ESMTP id qB6H7lZh018598
for ; Fri, 7 Dec 2012 04:08:17 +1100
Received: from apache by cascade.oostrozebeke.com with local (Exim 4.67)
(envelope-from < BODY=7BIT>)
id CQKV63-BRL3IK-JN
for ; Thu, 6 Dec 2012 19:08:17 +0200
To:
Subject: Your Kindle e-book Amazon.com receipt.
X-PHP-Script: cascade.oostrozebeke.com/sendmail.php for 5.248.19.156
From: "Amazon.com"
X-Sender: Amazon.com
X-Mailer: PHP
X-Priority: 1
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="------------08040800609010102090908"
Message-Id:
Date: Thu, 6 Dec 2012 19:08:17 +0200
This is a multi-part message in MIME format.
--------------08040800609010102090908
Content-Type: text/plain; charset="us-ascii"; format=flowed
Click here if the e-mail below is not displayed correctly.
Follow us:
Your Amazon.com Today’s Deals See All Departments
Dear Amazon.com Client,
Thanks for your order, graham61@tpg.com.au! Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account. Order Overview:
E-mail Address: graham61@tpg.com.au Billing Address: 342 Sunwille Rd. GAHANNA OH 73963-3559,,FL 67151} United States Phone: 1-491-581-0834 !
Order Grand Total: $ 95.99
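The sender-domain check suggested in the comments can be automated against raw headers like the ones posted above. The following is an added example, not part of the original post or comments; the sample message is constructed, its addresses are placeholders, and the finding labels are hypothetical names chosen here. It goes one step beyond the From domain by also comparing it with the envelope sender, because a From address can be forged.

```python
import email
from email.utils import parseaddr

BRAND = "amazon"             # name the message claims in its From display text
BRAND_DOMAIN = "amazon.com"  # domain the comment above says to expect

# Constructed sample modelled on the posted headers; all addresses are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from [203.0.113.5] by mx.example.org; Thu, 6 Dec 2012 19:08:17 +0200
From: "Amazon.com" <orders@amaazon.com>
X-PHP-Script: mailer.example.net/sendmail.php for 203.0.113.5
X-Mailer: PHP
Subject: Your Kindle e-book Amazon.com receipt.

Dear Amazon.com Client,
"""

def domain_of(addr):
    """Lower-cased domain part of an address ('' if there is none)."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def in_domain(domain, parent):
    """True for parent itself or a subdomain; 'notamazon.com' does not match."""
    return domain == parent or domain.endswith("." + parent)

def sender_findings(raw):
    """Return header-based warning labels for one raw message."""
    msg = email.message_from_string(raw)
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(from_addr)
    env_dom = domain_of(parseaddr(msg.get("Return-Path", ""))[1])
    findings = []
    # Display name says Amazon, but the address is not under amazon.com.
    if BRAND in display.lower() and not in_domain(from_dom, BRAND_DOMAIN):
        findings.append("brand-name-mismatch")
    # A From address is easy to forge, so also compare it with the envelope sender.
    if env_dom and from_dom and not in_domain(env_dom, from_dom):
        findings.append("envelope-unaligned")
    # The posted message carried X-PHP-Script, i.e. it was sent by a web script.
    if msg.get("X-PHP-Script"):
        findings.append("web-script-sender")
    return findings

if __name__ == "__main__":
    print(sender_findings(SAMPLE))
```

These are heuristics: legitimate mail sent through a third-party service can also show an unaligned envelope sender, so a finding is a reason to look closer rather than proof of fraud.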
This is a clever scam as 9/10 people will click the link and edit the address, especially if the email is formatted and designed correctly. This is probably an even bigger issue on mobile devices where people are more likely to be fooled. Thanks for the example, Graeme.