There are so many scams out there online especially just waiting for you in the inbox of your email. I’ve talked about the different kinds email phishing scams out there ranging from PayPal, to Apple, and even Netflix.
Well today, we’re going to be taking a look at another that involves a very popular online retail giant. I’m going to take a look at what makes it a phishing email such as the email address itself, to the body of the email, and any common spelling and grammatical mistakes that you see in these type of emails. The email is an Amazon phishing email and so without further ado, let’s take a closer look.
Amazon Phishing Email
As I mentioned above, we’re going to take a look at an Amazon scam email. Take a look at what the body of the email looks like below:
“Dear firstname.lastname@example.org, Some information in your account seems to be missing or incorrect. Update your account information immediately so you can continue to use all the benefits of your Amazon account. If you don’t update your information within 72 hours, your Amazon account will be restricted. Click the following web address. Update account information. Thank you for your attention and cooperation. Amazon Service Team”
Now I’ve mentioned in the past that you’ll tend to see a lot of spelling and grammar errors, but there are some cases in which you necessarily won’t see any of that. This is going to be one of those times. Still, there are ways to detect that this email really did not come from Amazon.
First off, a legitimate email from a recognized company or business will never address you by your email address. They will address you by your first name since you would have an account with them. This is something that I’ve addressed before and it remains true today. If an email does not address you by your name, it is usually a fraudulent email.
Phishing emails will definitely get more sophisticated as time goes on and so the time will definitely be coming when they will address you by your name and maybe even provide just enough credentials to make you think it is from the actual company itself. In that case if you’re unsure of the email being authentic, you can go to the actual website manually in another browser and search for their customer service number and give them a call. Don’t EVER click the link in the email as it will more than likely take you to a fake website that will capture your login information to your actual account and then there will be major problems after that.
The Email Address
The next thing you’re going to want to take a look out to see if it’s a phishing email is the email address itself. In this case, the email address of this supposed legitimate Amazon email is the following:
Does that look like it’s an actual email address from Amazon? Definitely not! It’s nothing even close to resembling an actual Amazon email. This should honestly be your first red flag, before you check anything else. Taking a look at the actual email address of where it came from will help you to quickly determine if the email is legitimate or not. The rest of it is just icing on the cake as they call it.
There have been some emails that do look fairly close to resembling the real thing so in that case, I would check the emails of the real company you have received before and compare to see if it looks like it’s something legitimate. If you’re still unsure, most companies will have a way you can forward the emails to them and they will be able to let you know if it really is legitimate or a fraudulent email.
I have done that in the past with what looked like real PayPal emails and the actual company quickly responded telling me that they were not from PayPal, giving me peace of mind. They did want to make sure that I didn’t click any of the links in the email and type in my login information, which I didn’t.
What Can Potentially Happen If You Click A Link
I’m going to give you an example of what can happen when you click a link from a fraudulent email. Don’t worry though, I’ve got a very strong anti-virus and malware program so I will not compromise myself and I will not enter any of my login credentials.
I just want to show what can happen when you click a link from a phishing email which is something you never want to do. In this instance, the link in the email is titled “Update account information”. A lot of the fraudulent emails will use links that are titled similar to this. You’ll be able to see some pictures of what happened when I clicked that particular link.
Once it was clicked, a new window popped up trying to go to the website that’s supposed to be Amazon. Needless to say it definitely wasn’t Amazon and instead, I received a nice warning from McAfee Web Advisor letting me know that this particular website I was trying to go to might be risky. In fact, the address it was showing me is not a legitimate Amazon website address even though it does have the word Amazon in the address.
https://authorizedsignin-accountamazon.giize.com/ does not look legitimate at all. Now it gives the option of going back or accepting the risk and continuing on to the site. I decided to accept the risk and click the button and move forward at my own peril. So does the website look anything like Amazon? Well…..unfortunately, or I should say fortunately, I do not know as an error message came up saying that the site could not be reached.
It said that the ERR_CONNECTION_REFUSED. I wasn’t going to try to reload it as I don’t want to take the chance it could actually load and then my computer could get infected with malware or other potential hazards. I immediately closed that window and ran my virus and malware program and glad to say that everything turned out to be ok.
What to Do if You use Your Login Credentials on a Phishing Website
If by chance you end up clicking on a link in the phishing email and a website pops up that looks similar to Amazon or whatever other company might be saying your account has been locked, close out of the site immediately and go to the actual site either by looking it up on Google or typing in amazon.com for example.
You’ll want to contact them immediately especially if you tried using your login information on the fake website. What will more than likely happen is that your actual account may be frozen to try to prevent any fraudulent activity from happening. They may even have you create an all new account and might warn you to contact your financial institution and let them know of unauthorized charges that might try to come through your bank account.
Quite awhile back, in the earlier days of the XBox 360, I used to subscribe to XBox Live and I noticed one day that I had some rather large pending charges getting ready to come through my bank account. I know I didn’t make those purchases at all and so I immediately contacted Microsoft and let them know of the situation. They immediately looked into my account and noticed that it had been hacked so they quickly froze my account and launched an investigation. Meanwhile, they told me to go to my bank and let them know those charges were unauthorized.
I had to speak to a personal banker and get a dispute form going, but thankfully the charges never went through. In some rare cases they may even suggest you file a police report, but there’s honestly nothing they can do since this type of crime or victimization originated outside their jurisdiction.
Have any of you ever been a victim of hacking or fallen for a phishing email? If so, how did you resolve the situation or did some bad things happen which you had to try to fight? Feel free to post your comments below!