If you see this email from 'Amazon', do not open it
Cyber criminals have targeted Amazon customers with a “convincing” new phishing scam that aims to steal shoppers’ bank details.
A spoof email has been sent to thousands of people in the UK, US, and Australia saying their "Amazon.com order cannot be shipped" — just as a larger number of people than usual log on to the site to make purchases in the run-up to Christmas.
According to consumer rights groups, the message claims there is a problem processing the recipient's order, adding that they will not be able to access their Amazon account or place any other orders until they confirm their information by following a link
The link leads to an “authentic-looking” page, which asks the victim to confirm their name, address, and bank card information.
Mary Bach, chair of non-profit AARP, says the con relies on Amazon having a huge share of the global market.
“So many people right now are using Amazon,” she says, "randomly sending out emails" gives scammers good odds of reaching someone who is actually waiting for an Amazon order.
The enormous online retailer, which has just announced it will offer 'Black Friday' style bargains all the way through to 22 December, has provided a help page online for people who believe they may have received a spoof email.
“From time to time you might receive e-mails purporting to come from Amazon.co.uk which do not come from actual Amazon.co.uk accounts," the retailer said, "instead, they are falsified and attempt to convince you to reveal sensitive account information. These false e-mails, also called 'spoof e-mails' or 'phishing e-mails,' look similar to real emails. Often these e-mails direct you to a false website that looks similar to an Amazon.co.uk website, where you might be asked to give your account information and password.
"Unfortunately, these false websites can steal your sensitive information; later, this information can be used without your knowledge to commit fraud."
The store added that the real Amazon will never ask for sensitive information such as National Insurance Numbers, bank account details, credit card numbers, or personal information that could be used to answer security questions via email.
It added that if in doubt people should contact the company directly.
Independent News Service