Don’t fall into the latest Amazon scam

Some weeks ago scammers managed to distribute hundreds of letters misleadingly claiming that recipient’s Amazon.com account will expire soon and that it will be deactivated. No matter that such messages look trustworthy, this is a true example of spam campaign which is used for nothing else but making unaware PC users give their credentials away by filling in the attached form. However, this attachment is detected as Troj/Phish-AZ and should never be opened.

Malicious letters, pretending to be sent by Amazon command, claim:

Subject: You have (1) Message from Amazon
Attached file: NO003950033.html

Dear customer,
Your online account is about to expire and will be deactivated.
Please confirm wether you want to continue using Amazon or not.
If the answer is yes, download and complete the attached form.
If the answer is no, please ignore this e-mail.

Best wishes,
Amazon Team
Note – Do not reply to this e-mail.

If it happens for you to open the attached file, you will see a form asking you to fill in your personal information, such as credit card details, birthday and other. That’s a clear scheme of phishing which is widely used by hackers these days helping them to steal users’ personal information and install malware without any permission asked.
To avoid intrusions like this, never click on links you find in letters that look suspiciously. If you are opening a file you found in the email, never save it and open in “Read-only’ form.

Source: nakedsecurity.sophos.com


  • Tom

    This really useful for the website shoppers and buyers .This has to be stopped in famous E-shopping websites like amazon.