Users who receive an email claiming their Amazon account is about to expire should think twice before clicking on any attachments.
That's because the message may have been sent from a cybercriminal, researchers at anti-virus firm Sophos have warned.
Attackers have been widely spamming messages – purportedly sent from Amazon – claiming users' accounts are about to be deactivated. The messages, of course, were not actually sent from Amazon and, in fact, aim to trick users into revealing their personal data.
The unsolicited email, which is arriving in inboxes with subject lines such as “You have (1) message from Amazon,” instructs users to download and fill out an attached form to continue using their Amazon account.
If clicked, the attached file, named “NO003950033.html,” opens a web form, which includes Amazon's logo, that asks users to input their full name, address, credit card information and other details to reactivate their Amazon account. Once a user fills out the form and clicks submit, the information is uploaded to the attackers' remote web server.