Amazon Phishing Scam in Progress

HackRead has come across a phishing scam that’s trying to trick Amazon customers into handing over their account credentials, personal information, and financial details. The phishing emails purport to be notifications from Amazon informing the recipient that they need to update their information within twenty-four hours or their account will be permanently disabled.

When a victim clicks the “Update Now” button in the email, they’ll be taken to a convincing imitation of an Amazon login page. After the victim enters their credentials, the phishing page will present a form for them to input their name, address, city, state, ZIP code, phone number, and date of birth. Next, they’ll be asked to provide their credit card and bank account information.

Finally, the phishing site informs the victim that their account has been recovered and says they’ll be automatically logged out. The victim is then redirected to the real Amazon website.

This scam is intended to get as much information as possible out of the victim, and it probably works fairly well. A victim who has already fallen for the spoofed login page is unlikely to balk at entering their personal information, since that’s what the email told them they needed to do. Once they get to the financial information page, they’re already invested in the process and haven’t seen anything unexpected, so they’re less suspicious than if they’d been asked for their credit card number at the outset.

I suggest you send employees, friends and family an email about this Scam Of The Week, feel free to copy/paste/edit:

"Bad guys are targeting Amazon customers, urgently claiming you need to update your information within twenty-four hours or your account will be permanently disabled. They count on you getting worried and acting quickly without thinking it through.

The email has several red flags like typos and bad grammar, but even if the emails are perfect—which they often are these days—it is a bad idea to click on the link in the email. Instead, always go directly to Amazon using your web browser and see if your account has any notifications. Think Before You Click."

There are multiple red flags that could have alerted observant users. The email has numerous typos and grammatical errors, and the urgent language and deadline are common social engineering ploys. Additionally, while the site’s URL attempts to hide behind a subdomain called “login-info-accountsetting-update,” the actual domain name clearly isn’t Amazon’s.
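The subdomain trick described above is easy to see through once a link is reduced to its registrable domain. As an added example (not code from HackRead or KnowBe4), the Python check below strips the subdomain labels, compares what is left against an allowlist of real Amazon domains, and records the red flags; the sample URLs, the allowlist and the short public-suffix list are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: a short list of two-label public suffixes covers the sample
# inputs; a production check would consult the full Public Suffix List.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}
# Assumption: allowlist of the brand's genuine registrable domains.
AMAZON_DOMAINS = {"amazon.com", "amazon.co.uk", "amazon.de"}
CREDENTIAL_WORDS = ("login", "account", "update", "verify", "signin")

# Constructed sample links, not the real URL from the campaign.
SAMPLE_PHISH = "https://login-info-accountsetting-update.example.invalid/ap/signin"
SAMPLE_LOOKALIKE = "http://amazon.com.secure-check.example.invalid/"
SAMPLE_LEGIT = "https://www.amazon.com/gp/css/homepage.html"


def registrable_domain(host: str) -> str:
    """Drop every subdomain label and keep the part a registrar issued:
    'login-info-accountsetting-update.example.invalid' -> 'example.invalid'."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_claimed_brand(url: str, claimed_brand: str = "amazon") -> dict:
    """Compare where a link really goes with the brand the email claims to be.
    Only the registrable domain decides legitimacy; subdomains are free text."""
    host = (urlsplit(url).hostname or "").lower()
    reg = registrable_domain(host)
    subdomain = host[: len(host) - len(reg)].rstrip(".")
    flags = []
    if reg not in AMAZON_DOMAINS:
        flags.append(f"registrable domain is {reg!r}, not an {claimed_brand} domain")
        if claimed_brand in subdomain:
            flags.append("brand name appears only in the subdomain")
        if any(word in subdomain for word in CREDENTIAL_WORDS):
            flags.append("credential-themed subdomain labels")
    verdict = "legitimate" if not flags else "phishing-likely"
    return {"host": host, "registrable_domain": reg, "verdict": verdict, "flags": flags}


if __name__ == "__main__":
    for link in (SAMPLE_PHISH, SAMPLE_LOOKALIKE, SAMPLE_LEGIT):
        result = check_claimed_brand(link)
        print(result["verdict"], result["registrable_domain"], result["flags"])
```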

Even if none of these warning signs had been present, it’s still a bad idea to click the link provided in the email. Rather, you should go directly to Amazon using a web browser and see if your account has any notifications. New-school security awareness training can teach your employees to recognize red flags before they fall victim to a phishing attack.

HackRead has the story:


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Here's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry
