Fraudsters have now moved onto target shoppers and businesses with phishing emails from Amazon – or that appear to be from Amazon. These false e-mails, also called “spoof e-mails” or “phishing e-mails”, look similar to real e-mails claiming to be from Amazon. The spoofed emails from “firstname.lastname@example.org” claim recipients have made an order online and mimic an automatic customer email notification.
Reported incidents say the scam email claims recipients have ordered items such as an expensive vintage chandelier or Bose stereos, iPhone’s and luxury watches.
A phishing email from Amazon example:
The emails cleverly state that if recipients haven’t authorised the transaction they can click on the help centre link to receive a full refund. The link leads to an authentic-looking website, which asks victims to confirm their name, address, and bank card information.
Suspicious e-mails will often contain:
- Links to websites that look like Amazon.co.uk, but aren’t Amazon.co.uk.
- Attachments or prompts to install software on your computer.
- Typos or grammatical errors.
- Forged (or spoofed) e-mail addresses.
Don’t rush, assess the situation
Unfortunately, these false websites can steal your sensitive information and thereafter this information could be used, without your knowledge to commit fraud.
If you think you have received a phishing email from Amazon, remember – many companies including Amazon will never ask for personal information to be supplied by e-mail.
Please be vigilant and remember if you think an email is suspicious, don’t respond to it and protect yourself further by not revealing sensitive or private information.
You can also check our Phishing Awareness page to download our top tips for spotting a phishing email.
The best and final line of defence against these current threats is yourself and your fellow employees – if people don’t open these emails, they can’t activate.