Image: © depositphotos.com/EdZbarzhyvetsky
As Christmas draws near, many more products than usual are bought online and dispatched to locations all around the world.
So, it’s the perfect time for phishing scammers to step up their activities and thereby increase their ill-gotten profits at the expense of already cash-strapped consumers.
Phishing scammers use the names and logos of all major Internet shopping sites in their efforts to steal your personal and financial information.
And, Amazon is a favourite target for scammers because it is one of the giants of online retailers.
So, if you are an Amazon customer, here are some common phishing scam tactics to watch out for.
Supposed Problems With Your Order
You receive a message claiming that there is a problem with a recent Amazon order and that you need to update payment information and other account details so that the transaction can be finalized.
Since the scammers send the very same message to thousands of recipients it will be generic and vague on detail. Of course, it will not identify which of your orders it is supposedly referring to since the scammers do not have that information. But if you have recently ordered products on Amazon, you might be tricked into believing that it is about one of these orders and click the scam link.
Fake Account Security Warnings
You receive a message claiming that your Amazon account has been suspended or disabled for security reasons. The message may claim that there have been multiple login attempts from different locations. Or it may claim that there has been a suspected hacking attempt on your account and it has been temporarily disabled to protect you.
Other versions may falsely claim that Amazon is introducing a new security system and you must log in to update details and enable the new system.
Fake Account Verification Warnings
You receive a message claiming that your Amazon account details are outdated or incomplete and that account access has been suspended until you perform a verification process.
Often, the messages will warn that your account will be permanently disabled if you do not respond within a specified time frame such as 24 hours.
Fake Order Receipts
You receive what appears to be an official Amazon order receipt for the purchase of a product you know nothing about. The message includes order details for a product that supposedly cost several hundred dollars.
The fake purchase notification includes a “cancel transaction” link.
The scammers hope that you will panic and click the link in the mistaken belief that your Amazon account has been hijacked and used to make purchases without your knowledge.
The Scam Messages Use Stolen Logos and Graphics
Most of these scam messages include the Amazon logo and other Amazon graphics and elements in an effort to make them seem legitimate. They will often use the same colours and formatting that you will see in genuine Amazon notifications.
Sometimes, they even include secondary links in the footer of the email that actually open pages on the genuine Amazon website.
The Scam Messages Link to Bogus Websites
These scam messages include links to bogus websites that have been built to look like they belong to Amazon. Once on the fake website, you will be asked to log in with your Amazon account email address and password.
Next, you will be asked to fill in a fake “verification” or “account update” form. This form requests your credit card numbers, your name and contact details and other identifying personal information.
Some variations may instruct you to open an attached file rather than click a link. Opening the attachment will load the fake update form in your default web browser.
Criminals can collect all of the information you supply via the fake forms and use it to:
- Hijack your Amazon account and commit fraudulent transactions.
- Make fraudulent transactions with your credit card.
- Steal your identity.
Use Caution and Common Sense
Be wary of any message that purports to be from Amazon and claims that you must click a link or open an attached file to avoid an account suspension, update information, or rectify a supposed problem.
It is always safest to login to your Amazon account by entering the address into your browser’s address bar or via an official app rather than by following a link in a message.
The Amazon website includes information about how to identify and report such phishing scams.
Scammers Use the Same Tactics to Target Other Companies
Keep in mind that scammers use very similar types of messages to target customers of other high profile companies, including eBay, PayPal, and Apple.
Stay vigilant. Don’t let these criminals ruin your Christmas and wreck your holidays. And remember that, although phishing scammers tend to be especially active around Christmas time, they use such tactics all year round.