Before you start your holiday shopping, beware of the many tricks and scams that are currently out there, phishing information from online shoppers. Most recently, a legitimate looking email has been circulating to both Amazon Prime and non-Prime members that reads; “Your Amazon.com order cannot be shipped.” In the subject line.
The email states that Amazon had trouble processing the order, that you will not be permitted to access your account or place orders with Amazon. It then prompts the intended victim to confirm the account information. The email goes on to state that the targeted shopper can not open any new accounts until the issue is resolved and to read the terms and conditions for further questions.
The link in the email takes the targeted shopper to a very realistic “Amazon” page, to re-enter account information (name, address, and credit card information.) Once the cyber scammers have your information, the fake page redirects the victim to the real Amazon website, to keep any suspicions at bay.
Holiday shoppers can stay vigilant of scams such as this simple phishing email and others by following a few safe practices.
Any safe shopping site or any website that collects financial information will have “https” at the beginning of the URL. Beware of websites without the “S” (“http”) at the end. To check if the URL is safe, simply copy and paste the link into a text document to view the full domain name. Just be sure to refrain from actually entering these unsecure pages.
Read the URL Carefully.
Much like spoofing phone numbers, unsecure domains can look legitimate at first glance. But beware of addresses that are misspelled or use a similar name. For example, Amazion.com, AmazonBillingDept.com or AmazonCustomerSupport.com look legit. Keep in mind that the real Amazon.com website would not have separate domain names. It would use a forward slash for these services such as; https://www.amazon.com/gp/help.
Look at the Email Address not the sender name.
Double check that the email address contains the proper domain name at the end of the address. Cyber scammers will often use legitimate looking email addresses like AmazonCustomerSupport@gmail.com to fool a victim. Stay vigilant in checking that the senders address ends in @amazon.com or the shop you frequent. Remember that fraudulent domains are used to create fake email addresses. Many scammers will often use the sender field to trick victims. So if you read “Amazon Customer Support” in the sender field, always double check the email address.
As with most large online retailers, you can send these fraudulent emails as an attachment to the retailer and ask that the IT security department attempt to shut down the scam.
Login without clicking on the link
If you get an email with a warning or issue with your account, do not click the URL listed to resolve the problem. You can avoid potential fraud by logging into your account directly.
Two Step Authentication
When it’s available, use two step authentication to sign into accounts where you use a credit card or have personal information stored. Two Step Authentication often uses a mobile cell phone to text an authentication code in addition to login username and passwords. This step can prevent hackers or scammers from logging into your bank, email, online shop or credit card accounts from a computer that is not recognized.