Phishing emails target Amazon users
Phishing emails that appear to be from Amazon are the latest malicious emails detected in the wild. The email address has been spoofed to look like it is from Amazon. In terms of a phish, the email has a moderate level of complexity.
The full email is reproduced in Figure A. The subject line of the email is “Update Your Account”. The reason given for the email is supposedly because Amazon cannot process a payment. Non-processing of a payment is a plausible reason for receiving a message from a supplier of goods or services.
There is a button included to enable the recipient to update their details. However, mousing over the button leads to a top level domain that contains a phishing site. The phishing site ends with what appears to be a legitimate domain, in order to try to further fool the user.
This phishing email has a few indications that it is false. For one thing, Amazon will always personalise their emails to the recipient. A second indication is a punctuation error in the second sentence. A third indicator is a “hanging” final statement: “If you need further assistance with your order.” This does not make sense; there should be a further clause or statement giving contact information.
These phishing emails have been captured over the last three days by the MailShark email filters. The purpose of the emails is to garner user details; in this case, credit card numbers and phone numbers. If you receive this email, delete it immediately.
An update on last week’s Woolworths phishing emails promising a free $150 voucher: these emails have started up again this week, but with a difference. The emails are now personalised; they include the recipient’s first name.
Once again, if you receive this type of email, check very carefully before clicking on any links. If the link does not look genuine, don’t click it. Furthermore, don’t download attachments to an email unless you can verify that they are legitimate.
Scott Reeves
MailShark
Free anti-spam service
Free email filter service