Menu Search Hoax-Slayer

Amazon 'Important Message From Security Center' Phishing Scam

Outline
Email purporting to be from the Security Center at Amazon Web Services claims that recipients need to click a link to read an important message or risk having their Amazon account restricted.


Brief Analysis
The message is not from Amazon. It is a phishing scam designed to trick recipients into divulging their Amazon account login details and other personal and financial data to online criminals.

Example

Subject: Security Center - Amazon Web Services

Dear Amazon Account Holder, You have an Important message from the Amazon. Your Amazon account will be restricted if you do not view and respond. Click here to view message and update your information's again on your account.

Best Regard Amazon Shopping Service

Amazon Phishing Scam



Detailed Analysis
According to this email, which purports to be from the Security Center at Amazon Web Services, the recipient has an important message waiting online. The recipient is urged to click a link to read the message and update "information's" for the account.  The message warns that the Amazon account will be restricted if the recipient does not respond.


However, the message is certainly not from anyone at Amazon. Instead, it is a phishing scam that attempts to fool recipients into handing over their personal and financial details to cybercriminals.

Those who comply and click the link as instructed will be taken to a fake website built to emulate a real Amazon page and asked to login with their Amazon email address and password. They will then be asked to "update account details" by providing credit card data and other personal information.

The information on the fake login and account update forms will be sent to the criminals operating the scam. The criminals can then use this stolen information to hijack real Amazon accounts, conduct fraudulent credit card transactions and steal identities.

Amazon, like other high-profile online entities such as PayPal and eBay, is almost constantly targeted by phishing scammers. These companies will never send you an unsolicited, generic email that claims that you must click a link or open an attachment to login and update account information. If you receive a suspect email, do not click on any links or open any attachments that it contains. It is always safest to access any and all of your online accounts by entering the account web address into your web browser's address bar rather than by clicking a link in an email.

If you receive a phishing scam email claiming to be from Amazon, you can report it to the company.


Last updated: July 11, 2013
First published: July 11, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Paypal 'Strange IP from a Different Location' Phishing Scam
'eBay Item Not Received' Phishing Scam Email
Amazon Account Review Phishing Scam
Report a Phishing or Spoofed E-mail

© Brett M.Christensen, 2014. All Rights Reserved.

Go to Mobile Version