Amazon phishing

Ask your investment, budget, and other money related questions here
Post Reply
George the original one
Posts: 5336
Joined: Wed Jul 28, 2010 3:28 am
Location: Wettest corner of Orygun

Amazon phishing

Post by George the original one »

Latest Amazon scam is a quite convincing "payment rejected" email asking you to update your payment method. Giveaway that it's a phishing attempt is lack of a To: field because it was delivered to you via the Bcc: field as a mass mailing. Links in the email all go to scam websites that will harvest your payment info.

Site Admin
Posts: 12426
Joined: Fri Jun 28, 2013 8:38 pm
Location: USA, Zone 5b, Koppen Dfa, Elev. 620ft, Walkscore 73

Re: Amazon phishing

Post by jacob »

I don't click on company/any emails at all anymore. Instead I'll log onto the site directly and get the notification (if any) there. This up to the point where I won't copy and paste the URL but look up what the actual URL should be from either wiki or the top google result.

For suspicious/unusual emails, it's also worthwhile to look at the full header---scammers can manipulate a lot of the fields but they can't change everything because the email has to come from somewhere.

Posts: 83
Joined: Sat Nov 30, 2019 2:43 pm

Re: Amazon phishing

Post by 5ts »

Thanks for the warning. I follow Jacob's procedure, aside from newly created accounts where the site wants you to click here to verify email/account. After that I never click on links in email. It's sufficiently poisoned that I even have malicious stuff from hijacked friend emails.

Posts: 2959
Joined: Wed Apr 02, 2014 7:46 pm

Re: Amazon phishing

Post by IlliniDave »

In general if it has to do directly with payments and accounts I'll navigate independently to the site and log in. If it's something benign like "link to your monthly utility bill below" I might follow it if the url really goes to the utility company. Happily, almost all of my bill reminder emails now include the amount due in the email itself, so I don't need to check unless something looks amiss. Very few fraudulent emails get through my email domain's spam filter, but I still stay on my toes (we get a lot of this type of "training" at work).

What's worrisome to me is that my dad is increasingly susceptible to fall into one of these scams, and his somewhat gullible circle of email corresponders are often nodes for stuff reaching him. At least for now if something sets off his BS detector but not strongly enough he immediately discards it, he contacts me for a second opinion.

User avatar
Posts: 1935
Joined: Tue Jul 10, 2012 5:15 pm
Location: Orange County, CA

Re: Amazon phishing

Post by Sclass »

It’s amazing how good these things are getting. I get ones from credit card companies I don’t use and they look like legit logos and artwork. I had a capital 1 scam email lately that even put legitimate links to the capital 1 website up top to establish faith...but the critical link at the bottom to “log in” and clear up my apparent fraudulent charge was definitely a phishing trap.

A lot has passed since guys warned me about the scripts in the university computer center that would prompt for logins then automatically log you in while recording your credentials. Same dumb trick. “>Welcome to Ethernet”

Posts: 2764
Joined: Mon Jan 30, 2017 8:37 am

Re: Amazon phishing

Post by Jason »

Soon they'll be suing Amazon for stealing their idea once Jeff Bezos creates his own Amazon phishing company.

Post Reply