The email from Amazon that you should never open
Amazon customers have been warned they could lose hundreds of pounds if they fall for a “convincing” fake email scam.
Action Fraud, the UK’s fraud and cyber-crime centre, said the spoofed emails from "firstname.lastname@example.org" claims recipients have made an order online and mimic an automatic customer email notification.
The number of people who have been sent the fake email is unclear, however Action Fraud said it had received several reports about the scam.
The email claims shoppers have ordered products including an expensive vintage chandelier, Boses stereos, iPhone’s and luxury watches.
In order to get a shopper’s financial information, the email cleverly states that if the recipient didn’t authorised the transaction they can click on the help centre link to receive a full refund.
One shopper lost £750 (€875) after clicking on the link in what looks like an automatic customer email.
After the victim notified Nationwide they cancelled the card and refunded the money in full.
So what should you look out for to make sure you don’t fall for the scam?
Amazon said that scam e-mails will often contain links to websites that look like Amazon.co.uk, but aren’t Amazon.co.uk.
Legitimate sites have a dot before "amazon.co.uk" such as http://“something”.amazon.co.uk (usually "www").
Sites such as “payments-amazon.com” aren't Amazon sites. Amazon will also never send e-mails with links to an IP address (string of numbers), such as "http://123.456.789.123/amazon.co.uk/".
Beware of attachments
Don’t click on attachments or prompts to install software on your computer.
If you've already opened an attachment or clicked a suspicious link, go to Protect Your System.
Typos or grammatical errors
An official from Amazon will not contain typos. Delete it.
Make sure your computer is configured securely
Candid Wüest, Threat Researcher at Symantec, told the Independent: “Configuring popular internet applications such as your Web browser and email software is one of the most important areas to focus on.
“The strongest security settings will give you the most control over what happens online but may also frustrate some people with a large number of questions (‘This may not be safe, are you sure you want do this?’) or the inability to do what they want to do. Often security and privacy settings can be properly configured without any sort of special expertise by simply using the ‘help’ feature of your software or reading the vendor's website.”
Amazon will never ask for personal information to be supplied by e-mail
Request for your Amazon username, password or any other personal information should be ignored.
The online retailer will never ask for this information to be supplied by email.
I already clicked on the email, what should I do?
If you have already clicked on the suspicious email you can report a fraud and receive a police crime reference number by calling Action Fraud on 0300 123 2040 alternatively you can use this online fraud reporting tool.