Don’t Get Caught in this Amazon Phishing Scam

Graphic depicting email phishing - a letter in an envelope with a fish hook through it

Don’t Get Caught in this Amazon Phishing Scam

Just in time for the height of the holiday season – another phishing scam set to lure unsuspecting shoppers using one of the world’s largest online retailers. With a 336% increase in malicious phishing links around Thanksgiving and the holidays, hackers are hard at work to take advantage of the online shopping frenzy before the year comes to a close.

It’s not just small businesses that get hit this time of year – though 50% admit to having been breached in the past 12 months alone. According to AARP, shoppers using online retailer Amazon in Australia and the UK have reported receiving phishing scam emails from what initially seems to be the online behemoth:

amazon-email

The message states that there is an issue processing the order and, to make sure the details were all entered properly, to re-enter them at the link provided. The link in the phishing scam email directs the user to, frankly, a page that looks practically identical to the legitimate Amazon payment page and includes required information space for the CVV code, credit card number – everything a phishing scam perpetrator would need:

amazon-order-cannot-be-shipped-phishing-scam-1

After hitting the “Save & Continue” button, users are re-directed back to the actual Amazon landing page. The targeted consumers continue their online journey none the wiser that they just gave hackers complete access to their financial online presence. With that being said, there are obviously a number of ways you can differentiate a phishing scam from a legitimate message. Let’s take a look at the warning signs from this particular phishing scam if this message happens to make its way into your inbox:

  • Do not, under any circumstances, click on the link provided in the suspicious message
  • Check your Amazon account in a separate window or tab
  • If you haven’t placed an order on Amazon, feel free to just delete the message

At one point or another, practically every active online user has encountered a phishing scam in the wild – how they react is entirely unique but ends either with a compromised network or business as usual. Whichever option has been chosen, education and understanding of the threat at hand is paramount to individual users and businesses large and small. Implementing a cyber security management and monitoring plan that keeps your employees aware of the daily threats facing your network, as well as protecting precious data, will secure your organization’s future for years to come.