DO YOU TRUST AMAZON, TOO MUCH?

 

I know many people use and trust Amazon WITHOUT QUESTION. There is a new scam that is relying on that trust (and Amazon’s good name) and trying to use it against you.

Beware online shoppers! The latest email phishing scam looks just like an order cancellation notice from Amazon.com. As always, be sure to double check suspicious emails you receive from Amazon (or any online retailer) before you click on any links.

THE SCAM:
The scam email comes from someone pretending to be Amazon. The email address may look like order-update@amazon.com. The subject line of the email reads, “Your Cancellation” and an order number. The body of the email tells you that your order has been successfully canceled and provides a summary of the order and it contains links.

WHAT TO DO:
Amazon recommends that you delete any cancellation notice with an eight digit order number. However, just because your email has a longer order ID number doesn’t mean that it is real.

To double check your email, be sure to hover over the links to verify their destination. Amazon emails only link to sites that begin with http://”something”.amazon.com. (Note the period before “amazon.com.”)

Sites such as “payments-amazon.com” are not actually Amazon. Amazon also never uses an IP address (a string of numbers separated by periods) followed by a directory name, such as http://”123.456.789.123″/amazon.com/. As with most phishing scams with links, the crooks are hoping you do not pay close attention to the actual addresslink that you are clicking on…what I call “blindly clicking.”

If you click on the link in the scam email, you will be taken to a site that will ask you (over and over) for your Amazon.com username and password. Also, the site may try to install malware on your computer without your knowledge. The malware will further search your computer for personal information and transmit it back to the crooks.

CONFIRM CANCELLATIONS: 
• Go directly to Amazon.com by typing www.amazon.com into your web browser.
• Click “Your Account” in the upper-right corner.
• Go to “Your Orders” and see if an order matches the details in the email you received.

There are some very talented and smart people out there that are always trying to figure out a way to get someone’s personal information. The crooks get better and better every year. Always be suspicious. Computer safety is no different than anything else in life, to get better at it requires reading, knowledge, and practice. I have a quiz for you. Go to the links below and see how good you are at spotting fake websites.

http://www.opendns.com/phishing-quiz/

https://www.phish-no-phish.com/

 

Safe Computing,

John L. Jones

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s