One of the most effective tools for a cybercriminal is the phishing scam. This is when a scammer poses as a trustworthy entity and tries tricking you into clicking on a malicious link. Their ultimate goal is to steal your sensitive information such as credit card details, usernames and passwords.
Just in time for the holiday shopping season, a massive email phishing scam is making the rounds. You really need to watch out for this fake Amazon email.
What's happening is people are getting emails claiming to be from Amazon, but they are actually from scammers. The email warns the recipient that there is a problem processing an order that they placed and that it will not be shipped.
It goes on to say you won't be able to access your account or place orders with Amazon until your information is confirmed. Inside the email is a malicious link that takes you to a fake Amazon page where you need to confirm your information. It asks for your name, address and all of your credit card information.
Here is an example of what the email looks like:
The fake Amazon page is so sneaky that after the victim enters the sensitive information and clicks Save & Continue, it redirects to the real Amazon site. The scammer now has enough of the victim's information to cause all kinds of financial damage.
Amazon has posted on its site a few steps you need to take if you receive one of these phishing emails. Here are those steps:
What you need to do
If you receive this or any other email that you believe is an Amazon phishing scam, the company wants you to report it. Here are the steps Amazon asks you to take:
- Do one of the following:
- Open a new email and attach the email you suspect is fake.
- Note: Sending this suspicious email as an attachment is the best way for Amazon to track it.
- If you can't send the email as an attachment, you can forward it.
- Send the email to email@example.com
Note: Amazon can't respond personally when you report a suspicious email to firstname.lastname@example.org, but you may receive an automatic confirmation. If you have security concerns about your account, please contact Amazon using the Contact Us button on the site.
How to avoid phishing scams
Here are some things you can do to help avoid falling victim to phishing scams:
- Be cautious with links - If you get an email or notification from a site that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
- Do an online search - If you get a notification that seems suspicious, you should do an online search on the topic. If it's a scam, there are probably people online complaining about it and you can find more information.
- Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos.
- Use multi-level authentication - When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
- Have strong security software - Having strong protection on your family's gadgets is very important. The best defense against digital threats is strong security software.