One frequent tactic employed by cyber-crooks is to send emails that appear to be from a legitimate company that tells the recipient that their account has been locked, “placed on hold” or suspended.
The email will urge the recipient to click a link embedded in the email to rectify the problem and to regain access to their account. However these links will redirect the recipient to scam websites. Amazon is often targeted by these types of phishing emails because of the popularity of Amazon and that so many people will have an Amazon account.
Type of Scam: Phishing Email
Attack Type: Link to Phishing Website
Social Engineering Technique: Account has been locked/restricted.
The below example of this scam claims that amazon has “placed a hold on your Amazon account and all pending orders”.
The email below in turn claims the recipient’s account has been locked because “our services detected two unauthorized devices”.
Both emails have a link that the recipient can click to regain access to their account.
However these links do not lead to the Amazon website. They lead to imposter websites specifically crafted to look like the Amazon website. The imposter webpage asks the user to enter their username and password. And if the recipient enters this information, they will be unwittingly sending their login information to crooks.
This, of course, means the crooks will have access to the recipient’s Amazon account where they can make orders, steal personal information and commit identity fraud.
Sponsored Content. Continued below...
It’s a standard phishing scam and these can be avoided in a number of ways. Such tips to avoid phishing scams include –
You can report phishing emails to Amazon directly by forwarding them to stop-spoofing@amazon.com.