Phishing Scam targeting Amazon users – “Your Amazon order has been shipped”

News from Omniquad | September 21, 2012

There is a phishing email scam doing the rounds right now, disguised as an Amazon order confirmation sent to you by customer support.

Cybercriminals have widely spammed out an attack via email, posing as Amazon, in an attempt to trick users into handing over their personal details.

How does the scam work?

The phishing email, with varying titles such as ‘Item waiting on delivery’, ‘You have one message from amazon’ or ‘Your amazon order has been shipped’, states that an Amazon purchase has been shipped and gives an order number (#002-2735850-54244875, etc.) and payment details. The email provides links to view your orders. Do not click on them: the links take you to a bogus website designed to trick you into revealing your personal data.

The headings claim that the recipient’s order has been completed and that they were successfully charged varying amounts, often over $100. In the sample we received (see below), the recipient has apparently purchased a television set and had it delivered to an apartment in the US. Anybody receiving such an email would naturally wonder about it, and might click the link and enter their details without thinking it through, especially as the delivery date is the same day the email is received.

Amazon shipping confirmation Scam Email

The email appears to be genuine, as it contains an order summary, a personal email address, an order number and an Amazon advertising banner.

At the bottom of each sample we have seen it states “Thanks again for shopping with us” or “We hope to see you again soon” then like a signature says

Tips to spot phishing emails

  • Requests that you supply personal information directly in the email or submit it via a website,
  • Threatens to suspend or close your online accounts if you do not respond to the email,
  • Claims that your account has been compromised or accessed by an unauthorized person,
  • Requests you to enter, validate or verify your account information,
  • States that there are unauthorized charges on your account and requests your account information,
  • Claims that the bank has lost important security information and needs you to update your information online,
  • Requires you to enter your card number, password, user ID or account numbers into an email.
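
The scam described above combines Amazon branding with links that lead somewhere else, and that mismatch can be checked automatically. The following is an added example, not part of the original article and not how Omniquad Mailwall Remote works; the trusted-domain list, the sample message and the placeholder hosts are assumptions made for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts treated as genuine Amazon domains; extend for your region.
TRUSTED_SUFFIXES = ("amazon.com", "amazon.co.uk")
# Subject lines quoted in the article, lower-cased.
KNOWN_SUBJECTS = ("item waiting on delivery", "you have one message from amazon",
                  "your amazon order has been shipped")

# Constructed sample message (not the real scam email); hosts are placeholders.
SAMPLE = """\
From: "Amazon.com" <customer-support@example.net>
Subject: Your Amazon order has been shipped
Content-Type: text/html; charset="utf-8"

<html><body><p>Thanks again for shopping with us.</p>
<a href="http://amazon.com.example.org/orders">View your orders</a></body></html>
"""

class LinkCollector(HTMLParser):
    """Collects the host name of every <a href=...> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        host = urlsplit(dict(attrs).get("href") or "").hostname if tag == "a" else None
        if host:
            self.hosts.append(host.lower())

def is_trusted(host):
    # Exact match or true subdomain only, so amazon.com.example.org fails.
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def check_message(raw):
    """Return a list of reasons the message looks like the scam described."""
    msg = email.message_from_string(raw, policy=policy.default)
    subject = (msg["Subject"] or "").lower()
    claims_amazon = "amazon" in subject or "amazon" in (msg["From"] or "").lower()
    collector = LinkCollector()
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        collector.feed(body.get_content())
    bad = sorted({h for h in collector.hosts if not is_trusted(h)})
    reasons = ["subject matches known lure"] if any(s in subject for s in KNOWN_SUBJECTS) else []
    if claims_amazon and bad:
        reasons.append("amazon-branded mail links to: " + ", ".join(bad))
    return reasons
```

Calling `check_message(SAMPLE)` returns both reasons for the constructed message, while a message whose links all point at a trusted Amazon host returns an empty list.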

Protect yourself from email frauds

  • Never click on hyperlinks within emails; instead, copy and paste them into your browser,
  • Do not open any file attached to the email,
  • Always look for “https://” and the padlock on web sites that require personal information,
  • If you didn't initiate a transaction to which an email is referring, it's probably a scam,
  • Never respond to spam / suspicious email or emails from unknown senders,
  • Do not supply your personal or bank account information to strangers; they are most likely scammers.

If you do receive an email from Amazon, or any other online retailer, and you wonder whether it is legitimate, it is best to go to their web site the usual way and check your account from there.

Omniquad Mailwall Remote detected it as phishing and blocked it from reaching its customers.

P.S. Tweet if you want to warn others of this scam.