According to this email, which purports to be from Amazon, your account will be limited if you don’t click a link to update your details within 72 hours.
Supposedly, the account update is required because “some informations on your acount appears to be missing or incorrect”.
The email includes the Amazon logo to make it appear legitimate, but the glaring spelling and grammatical errors should be enough to immediately raise a red flag.
Here’s a screenshot of the scam email:
Clicking the link opens a fraudulent website in your browser. The fake site features the Amazon logo and footer links to create the illusion that it is genuine. It furthers this illusion by using a website address that includes the word “amazon”. In fact, the site has no connection to Amazon, but the seemingly Amazon-related web address, the logo, and other elements may be enough to convince less Internet-savvy visitors that it is genuine.
Once on the site, you will be asked to sign in to your Amazon account via a fake login form:
After entering your sign in details, the first of two bogus account verification forms will appear. The first form asks for your name and address, your phone number, your date of birth, and your OSID number:
If you supply the requested information and click the “Update” button, a second form will then request your credit card details:
Next, the site will ask you to upload a photo of the front and back of your credit card:
The scam site will then briefly display a message claiming that you have successfully verified your account before automatically redirecting your browser to the genuine Amazon website.
Criminals can now use the log in information you supplied to take control of your Amazon account and make purchases with your default Amazon payment system. They can also use your credit card number to make fraudulent transactions outside of Amazon. And, using all of the personal and financial information they have gathered, they may be able to make your predicament even worse by stealing your identity.
Amazon phishing scams are common and take many forms. Be wary of any email that appears to be from Amazon that claims that you must click a link or open an attachment to deal with a supposed account, purchase, shipping, or security problem.
You can always check the status of your account and check any transactions by entering the Amazon address into your browser’s address bar and logging in. This is much safer than clicking a link in an email.
The Amazon website includes information about how to identify and report phishing scams.