Amazon users targeted with new phishing attack

Share this article:

Users who receive an email claiming their Amazon account is about to expire should think twice before clicking on any attachments.

That's because the message may have been sent from a cybercriminal, researchers at anti-virus firm Sophos have warned.

Attackers have been widely spamming messages – purportedly sent from Amazon – claiming users' accounts are about to be deactivated. The messages, of course, were not actually sent from Amazon and, in fact, aim to trick users into revealing their personal data.

The unsolicited email, which is arriving in inboxes with subject lines such as “You have (1) message from Amazon,” instructs users to download and fill out an attached form to continue using their Amazon account.

If clicked, the attached file, named “NO003950033.html,” opens a web form, which includes Amazon's logo, that asks users to input their full name, address, credit card information and other details to reactivate their Amazon account. Once a user fills out the form and clicks submit, the information is uploaded to the attackers' remote web server.

Share this article:

Sign up to our newsletters

More in News

Latest Citadel trick allows RDP access after malware's removal

Latest Citadel trick allows RDP access after malware's ...

Trusteer, an IBM company, said the new Citadel configuration was detected this month.

Cryptoblocker variant emerges, encryption differs from CryptoLocker

Trend Micro has detected a variant of CryptoLocker in the wild that relies on the advanced encryption standard.

Jimmy John's sandwich chain investigating possible breach

Some financial institutions have indicated that credit cards recently used at Jimmy John's locations have been used to make fraudulent purchases.