Amazon users targeted with new phishing attack

Share this article:

Users who receive an email claiming their Amazon account is about to expire should think twice before clicking on any attachments.

That's because the message may have been sent from a cybercriminal, researchers at anti-virus firm Sophos have warned.

Attackers have been widely spamming messages – purportedly sent from Amazon – claiming users' accounts are about to be deactivated. The messages, of course, were not actually sent from Amazon and, in fact, aim to trick users into revealing their personal data.

The unsolicited email, which is arriving in inboxes with subject lines such as “You have (1) message from Amazon,” instructs users to download and fill out an attached form to continue using their Amazon account.

If clicked, the attached file, named “NO003950033.html,” opens a web form, which includes Amazon's logo, that asks users to input their full name, address, credit card information and other details to reactivate their Amazon account. Once a user fills out the form and clicks submit, the information is uploaded to the attackers' remote web server.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.