The holiday season is a time for merriment and good cheer, but hackers have historically used it to take advantage of peoples’ online shopping tendencies. Amazon Phishing Attacks are always on the rise during the holiday season, so you need to take steps now to ensure that you don’t accidentally put yourself at risk—especially with voice spoofing emerging as a threat for Amazon orders.
Amazon Phishing Threat
This particular threat involves an email scam in which users are encouraged to call a number listed to confirm an order, usually one with a large price tag associated with it. This tactic is used to harvest phone numbers and credit card credentials that can be used in later attacks. Security researchers found that the contact number listed on the email is not Amazon’s; instead, it’s a scammer. The user is then contacted by the scammer who requests further financial information, claiming that they are going to cancel the order.
Anyone familiar with Amazon and how it works will immediately be suspicious of these practices. First, most people who use the service will know how to cancel an Amazon order. All they need to do is log into their account and do it from there. Second, if you ordered something, Amazon should technically have your financial information already on record, so why would it need to be confirmed once again? All one needs to do to avoid these threats is slow down, take a step back, and don’t go looking for problems that may not even exist.
These Amazon phishing attacks are not a new concept, but this one is notable because the emails are able to get past spam blockers and content filters. It manages this by using legitimate links within the body of the email, so your email solution might not flag it as spam or a threat.
Protect Your Florida Business
We offer the following advice to you:
- Don’t call numbers you don’t recognize.
- Don’t click on suspicious links in your email inbox.
- Don’t give out your personal information or credit card information just because someone on the phone told you to.
- Check the sender for any message you feel is suspicious to ensure it is legitimate.
- Check your account before responding to any correspondence from the sender.
- Set up multi-factor authentication, just in case.