Cyber Threat Report: Amazon Phishing Email

What do you know about Phishing email from Amazon? Scammers send emails to potential victims claiming the recipient has begun an Amazon Music subscription and will be charged each month.
A link to cancel the subscription is included in the email, which directs the user to enter their credit card information to do so and obtain a refund.
Sadly, a lot of people are falling for this con.

The COVID-19 pandemic has caused an increase in people’s time spent at home and their use of online buying platforms, according to Katherine Hart, Lead Officer at the Chartered Trading Standards Institute.
Although phishing attacks have historically targeted consumers of large platforms like Amazon, the current crisis has increased their vulnerability.

Remind yourself to never click the link in emails like this one. Always access your official account first before contacting Amazon customer care.

There are currently millions of phishing emails in circulation, and this is just one of them.
Phishing Box reports that 90% of breaches in Q1 2020 included a phishing incident, and 64% of firms had experienced one in the previous year.

READ MORE: Cyber Threat Report: SBA COVID-19 Phishing Emails

What is a Phishing email from Amazon? Phishing email from amazon is most frequent online threat involves a cybercriminal trying to fool you by producing and sending phone emails that look real in order to infect your machine with malware or a virus and steal your login information.

Quickly spot a phishing email by looking out for these tell-tale signs:

1. Is confidential information requested in the email? Passwords, credit card information, credit scores, etc. are never requested by email by legitimate businesses. If you receive an email asking for any of this information, especially if it was not requested, there is a good chance it is a hoax.
2. Does the email use your name while addressing you? It’s likely a phishing email if it refers to you as a “valued member,” “account member,” or “customer.” Legitimate businesses will refer to you by name and have your information.
3. Verify the domain name once more! Hover your cursor over the email address in question and read it letter by letter and number by number to ensure there have been no changes. Additionally, seek for public email domains… No trustworthy business will get in touch.
4. Is the grammar clear? A trustworthy business will only receive well-written emails. Multiple grammatical and spelling mistakes indicate that the email is most likely a phishing scam.
5. Watch out for links! Never click a link without first moving your cursor over it to view the webpage. As a further warning, some online criminals will create phishing emails that are completely coded as a hyperlink.
6. Exists an attachment, if so? Be cautious if you get an unsolicited email with an attachment since it can be infected with malware or a virus. Watch out for high risk file formats like.exe,.com,.scr, and.zip. Contact that business if you even have the least suspicion that something is wrong.
7. Exists a feeling of urgency? In order to get you to click on the link or download the file without first verifying the email’s veracity, many cybercriminals may threaten you and tell you to “act now or else.” This works really well at work.

If you click on a bad link or enter in your credentials, here’s what you need to do:

1.  your supervisor right away if it happened on a work device or using credentials from your place of employment.
2. Change the password to your email right now. Never use a password that is identical to the previous one. Never modify your password to Password1, for instance, if it is Password1.
3. Enable Multi-Factor Authentication right away on all of your online accounts if you weren’t already doing so for an additional degree of security.
4. To ensure that the cybercriminal hasn’t sent any malicious emails to your contact list, check your sent folder.
5. Check the rules on both your Web app and your Outlook app. By doing this, you can make sure the hacker didn’t continue to have access even after you changed your password. Look for rules you don’t recall creating, rules that indicate anything is arriving in the inbox, rules that send emails to the trash or junk folders, and maybe rules that route emails from your inbox to an email address you are unfamiliar with.

READ MORE: Cyber Threat Report: Insider Threats