October 7th through 8th are Amazon Prime Day which is odd to say. Amazon really should change the name for the four day event to Amazon Prime Days. Amazon Prime Day is a global promotion of Amazon featuring sales on a variety of items available solely to Amazon Prime members. There is always great interest in Amazon Prime Day and as with everything else that attracts great interest by the public, it also attracts great interest by scammers who are eager to take advantage of people participating in Amazon Prime Day.
Scammers, posing as Amazon are sending phishing emails and text messages in which they attempt to lure their victims into either providing account information that will give the scammer access to the victim’s Amazon account or to make a payment under some pretext or click on a link that will download dangerous malware such as keystroke logging malware or ransomware. They do so by representing to the targeted victim that their account has expired or that a recent order needs to be confirmed or some other emergency related to their account.
TIPS
Much malware including ransomware comes as links in phishing emails. text messages or tainted attachments. Generally, you should never click on links or download attachments that come in emails or text messages unless you have absolutely verified that the email is legitimate. You also should never provide personal information in response to an email, text message or phone call unless you have absolutely confirmed that the communication is legitimate.
Phishing emails and more specifically tailored spear phishing emails can often appear quite legitimate initially, so it is important to be skeptical. Because Amazon Prime Day will be going on soon, many people expect emails from Amazon which is even more reason for you to be skeptical. Trust me, you can’t trust anyone. Check the email address of any communication that appears to have come from anyone to make sure that it is the real email address. All Amazon emails end in @amazon.com. Many phishing emails come from email addresses that have no relation to the real email address of the company they purport to be while others look very legitimate unless you carefully examine the email.
Through spoofing, text messages may appear to come from a legitimate Amazon phone number, so you can’t trust your Caller ID.
As always, it is a good idea to set up dual factor authentication for your Amazon account so that even in the event that you are tricked into providing your username and password, no one will be able to access your account. Here is a link that provides information about how to set up dual factor authentication for your Amazon account. https://www.amazon.com/gp/help/customer/display.html?nodeId=G3PWZPU52FKN7PW4
When going to what purports to be an Amazon page, the URL should end with “Amazon.com.” To be sure that you are actually on the real Amazon website, you can check the domain name to make sure that it is not a counterfeit by going to the website https://www.whois.com/whois/ where you can type in the domain name and learn who actually owns it. If your Amazon website appears to be owned by someone in Nigeria, for example, you know you have a problem. The security company Check Point recently identified 1,500 counterfeit Amazon websites.
It is also important to remember that you should not use your debit card for anything other than as an ATM card. Use your credit card for online and offline purchases because the law protects you much more from fraudulent purchases than a debit card does. If you do not promptly report misuse of your debit card, you could potentially lose the entire bank account tied to your debit card while the maximum liability for misuse of your credit card is only fifty dollars and most credit card companies don’t even charge you that amount.
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in our email address on the tab that states “Sign up for this blog.”