‘Phishing campaigns are reaching a new peak’ is a sentence that seems to be applied regularly throughout the year. As we have stated many times, phishing, and social engineering in general, is an actively sustained and improved online threat that aims at personal and financial data.
To make online phishing scams more believable and thus more successful, crooks often use famous brands and social media. Amazon’s name, in particular, comes up quite often in the investigation of phishing scams.
Learn More about Phishing and Facebook
Smartly written phishing emails impersonating Amazon were just detected
The most recent Amazon fraud is a quite clever one. It involves a cleverly written phishing email that impersonates Amazon, and uses its logo and similar color scheme.
This is what the email reads:
As a valued customer we would like to present you with an opportunity to make a quick buck. We are offering £10 each to a selected number of customers in exchange for completing a quick survey relating to our service. Your opinions and thoughts are vital in order for us to provide the best possible service. Please press the link below to get started.
Of course, the provided link is a phishing one that redirects to a compromised website masqueraded as Amazon’s login page:
As seen on the image above, users are prompted to enter their Amazon credentials. Once this is done, users will be linked to another page, asking them to type in banking and personal information, such as home address, phone number, credit card details, bank account number, and their security question.
Read About the Amazon Offers 50% Discount Scam
Even though this page is now taken down, it’s only a matter of time before phishers come up with another smartly written plan to harvest all sorts of personally identifiable information. One good piece of advice given by Chris Boyd, a researcher at Malwarebytes, is checking the page’s URL for a green padlock. The lack of such is a clear indication of a phishing scam.