Scam of the day – July 12, 2015 – New Amazon email scam

Copied below is an email currently being circulated that is a good example of a social engineering phishing email designed to either get you to provide personal information or to click on a link that will download keystroke logging malware on your computer that will result in your data being stolen and used to make you a victim of identity theft.  The email appears to be an email from Amazon indicating that there is a problem with your account.  In order to remedy the problem, you are prompted to click on a link and either provide the requested personal information or just by clicking on the link you may unwittingly download the keystroke logging malware.  This type of phishing email is so effective because it looks so legitimate.  It also has a higher chance of being effective merely because so many people who receive it will indeed be Amazon customers.

Here is a copy of the email:  DO NOT CLICK ON THE LINK.

Amazon

Confirm your Amazon account.

Hello ,

We were unable to process your most recent payment. Did you recently change your bank, phone number or credit card?.
To ensure that your service is not interrupted, please update your billing information today.

Or contact Amazon Member Services Team. We’re available 24 hours a day, 7 days a week.
If you have recently updated your billing information, please disregard this message as we are processing the changes you have made.

f you need further assistance with your order.

Sincerely,
Amazon

This email was sent by an automated system, so if you reply, nobody will see it. To get in touch with us, log in to your account and click “Contact Us” at the bottom of any page.

Copyright Å  2014 amzon, Inc. All rights reserved. amzon is located at 2211 N. First St., San Jose, CA 95131.

TIPS

There are a number of telltale signs that this is a scam.  First and foremost, the email address from which it was sent has no relation to Amazon.  Also, the salutation does not refer to the person receiving the email by name.  Finally, there are some misspellings and typographical errors in the email.  However, the quality of this phishing email certainly is good, which is why it is so dangerous.  The key to avoiding becoming a victim of this type of social engineering phishing scam is to follow my motto, “trust me, you can’t trust anyone.”  Never click on a link or provide personal information unless you have absolutely confirmed that the email or text message received by you is legitimate.  In this case, if you had any thought that the email might be legitimate, you should contact Amazon directly at an email address or telephone number that you know is accurate.  Don’t respond to phone numbers or email addresses contained in the email itself.

Scam of the day – November 1, 2012 – Phony Amazon email scam

A new scam has recently emerged that begins when you receive an email purportedly from Amazon informing you that “Your acount has been closed because of too many failed login attempts.  Please download and fill out the form below to reactivate your account.”  If you download the form and provide the personal information requested you will have turned over your information to an identity thief who can then use this information to make you a victim of identity theft.  Unlike many phony emails that contain exact replicas of logos for the companies that the email is purportedly to be from, this scam email does not contain anything except text.

TIPS

Do not respond to this email by providing any information or clicking on any links.  Amazon does not ask for you password, bank account information, credit card information, PIN, Social Security number, mother’s maiden name or any other identifying information.  If you are asked for any of this information in an email, you cn be sure that the email is not from Amazon.  If you ever receive a similar email and have any doubts as to its authenticity, merely call the company to find out if the email was legitimate.  Providing information or clicking on links that can download keystroke logging malware can put you in great danger of identity theft.