as published 09/24/2019 by KnowBe4.com
Scam of the Week: Amazon Phishing Scam in Progress
The bad guys are targeting Amazon customers and tricking them into giving up their account login details, personal information, and even their financial information. They’re sending phishing emails that tell you to update your account information within twenty-four hours or your account will be permanently disabled. Don’t fall for this warning! Cybercriminals are counting on your impulsive reaction.
Once you click the “Update Now” button in the phishing email, you’re taken to a realistic-looking Amazon login page. After you’ve entered your credentials, another form is displayed for you to “update” your name, phone number, date of birth, and address. Then, you have to provide your credit card and bank account details.
After you’ve given up all of this sensitive data, the phishing site tells you your account has been recovered and that you’ll be logged out automatically. You’re then redirected to the real Amazon website without having any idea of what actually happened.
Always remember: If you receive a suspicious email from an online service that you use, log in to your account through your browser (not through links in the email) to check the validity of the information presented. Also, be careful with emails that are seemingly urgent. The bad guys often use a ‘sense of urgency’ to pressure you into clicking as an impulsive response.
Stop, Look, and Think. Don’t be fooled.
The KnowBe4 Security Team