It’s time to go back to phishing scams because unfortunately, this is the time of the year they can get really bad. The holiday season is now officially upon us and that means scammers are going to go into overdrive to try to take away your hard-earned money.
I received an email the other day that was supposedly from a very well-known online retailer and at first glance, I briefly thought it was a legitimate email from them. Then I decided to open the email fully and read what it said as well as clicked the link inside of it and I quickly learned that it definitely was not from this online retailer.
I can’t reiterate this enough. You’ve got to be extremely careful this time of year (and throughout the entire year) because so many orders for gifts are going to be happening online with Black Friday deals, Cyber Monday deals and other specials that will take place from now until Christmas. I’m going to go over what this email said and what tipped me off that this is likely a scam. Here’s a link to the last phishing scam I talked about.
Is My Amazon Account Locked?
When I first saw the subject or title of the email, I will admit that my mind got a little worried. No one ever wants to see the headline stating that their Amazon account has been locked especially not this time of year. I definitely want to take advantage of some of the wonderful deals happening on Amazon and so I didn’t want to see anything that says my account is locked.
Also in the subject line is what appears to be a case number. Does that mean that this is a legitimate email that my account is truly in serious trouble? To me, it could certainly give the email more legitimacy, but there are certainly other things to check out.
Another thing I decided to check out was the email address that the email came from. Now it initially looks like it came from Amazon as it says email@example.com. It certainly looks legitimate, but there is something you’re going to have to take a closer look at in regard to this. This is where you’re going to have to pay special attention to because scammers are getting better at making email addresses seem like they are legitimately from the company they are trying to imitate. I will talk more about this here in a bit.
Now it’s time to take a closer look at the inside of the email. What are they trying to warn me about? Also, what kind of action do I need to take in order to restore or unlock my Amazon account? Is what they say the truth or something far more sinister?
Do I take action or not?
The big question now is, what does the email say? Well, let’s take a look at.
𝖶𝖾 𝗁𝖺𝗏𝖾 𝗅𝗈𝖼𝗄𝖾𝖽 𝗒𝗈𝗎𝗋 𝖠𝗆𝖺𝗓𝗈𝗇 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝖺𝗇𝖽 𝖺𝗅𝗅 𝗉𝖾𝗇𝖽𝗂𝗇𝗀 𝗈𝗋𝖽𝖾𝗋𝗌.
𝖶𝖾 𝗍𝗈𝗈𝗄 𝗍𝗁𝗂𝗌 𝖺𝖼𝗍𝗂𝗈𝗇, 𝖻𝖾𝖼𝖺𝗎𝗌𝖾 𝗐𝖾 𝖿𝗈𝗎𝗇𝖽 𝗌𝗎𝗌𝗉𝗂𝖼𝗂𝗈𝗎𝗌 𝖺𝖼𝗍𝗂𝗏𝗂𝗍𝗒 𝗂𝗇 𝗒𝗈𝗎𝗋 𝖠𝗆𝖺𝗓𝗈𝗇 𝖺𝖼𝖼𝗈𝗎𝗇𝗍. 𝖸𝗈𝗎 𝗆𝗎𝗌𝗍 𝗍𝖺𝗄𝖾 𝖺𝖼𝗍𝗂𝗈𝗇 𝖿𝗈𝗋 𝗍𝗁𝖾 𝗌𝖾𝖼𝗎𝗋𝗂𝗍𝗒 𝗈𝖿 𝗒𝗈𝗎𝗋 𝖺𝖼𝖼𝗈𝗎𝗇𝗍.
𝖳𝗈 𝗎𝗇𝗅𝗈𝖼𝗄 𝗒𝗈𝗎𝗋 𝖺𝖼𝖼𝗈𝗎𝗇𝗍, 𝗉𝗅𝖾𝖺𝗌𝖾 𝖼𝗈𝗇𝖿𝗂𝗋𝗆 𝗒𝗈𝗎𝗋 𝗂𝖽𝖾𝗇𝗍𝗂𝗍𝗒 𝗍𝗈 𝖼𝗈𝗇𝖿𝗂𝗋𝗆 𝗍𝗁𝖺𝗍 𝗒𝗈𝗎 𝖺𝗋𝖾 𝗍𝗁𝖾 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝗈𝗐𝗇𝖾𝗋.
𝖨𝖿 𝗒𝗈𝗎 𝖽𝗈𝗇’𝗍 𝖼𝗈𝗆𝗉𝗅𝖾𝗍𝖾 𝗍𝗁𝖾 𝗏𝖾𝗋𝗂𝖿𝗂𝖼𝖺𝗍𝗂𝗈𝗇 𝗉𝗋𝗈𝖼𝖾𝗌𝗌 𝗐𝗂𝗍𝗁𝗂𝗇 𝟤𝟦 𝗁𝗈𝗎𝗋𝗌, 𝖺𝗅𝗅 𝗉𝖾𝗇𝖽𝗂𝗇𝗀 𝗈𝗋𝖽𝖾𝗋𝗌 𝗐𝗂𝗅𝗅 𝖻𝖾 𝖼𝖺𝗇𝖼𝖾𝗅𝖾𝖽 𝖺𝗇𝖽 𝗐𝖾 𝗐𝗂𝗅𝗅 𝗉𝖾𝗋𝗆𝖺𝗇𝖾𝗇𝗍𝗅𝗒 𝗅𝗈𝖼𝗄 𝗒𝗈𝗎𝗋 𝖺𝖼𝖼𝗈𝗎𝗇𝗍.
𝖸𝗈𝗎 𝖼𝖺𝗇𝗇𝗈𝗍 𝖺𝖼𝖼𝖾𝗌𝗌 𝗒𝗈𝗎𝗋 𝖺𝖼𝖼𝗈𝗎𝗇𝗍 𝗎𝗇𝗍𝗂𝗅 𝗍𝗁𝗂𝗌 𝗉𝗋𝗈𝖼𝖾𝗌𝗌 𝗂𝗌 𝖼𝗈𝗆𝗉𝗅𝖾𝗍𝖾.
𝖠𝗆𝖺𝗓𝗈𝗇 𝖧𝖾𝗅𝗉 𝖢𝖾𝗇𝗍𝖾𝗋”
So apparantly, Amazon has found suspicious activity on my account. It says that I must take action for the security of my account. They want me to confirm my identity showing that I’m the account owner and if I don’t do it within 24 hours, any orders that I had will be canceled and my account permanently locked. This is massive cause for concern isn’t it? I mean, this message would cause anyone to go to red alert because you certainly don’t want to lose access to your account and have all your orders canceled, especially this time of year.
The next part of the email has a clickable link or button that’s yellow and says Verify Now. With the message that’s been read, I can understand why someone would want to take immediate action because you want to get your Amazon account taken care of as soon as possible so that you can get back to ordering great gifts for family and friends.
Let’s say you end up clicking that link and a separate browser opens up and takes you to the Amazon website or rather, one that practically identical to it. If you’re still in a panicked state at this point, you’ll probably end up using your log in credentials to get into your account, do what they say to verify who you are, and then you get a message that your account is unlocked and you’re ready to start ordering again.
If you think everything is ok again and you have nothing to worry about, you better think again because you’ve given the scammers access to your Amazon account and the REAL damage will likely begin and trust me, it’s something you don’t ever want to have to deal with. So how did you miss the signs that this email is a scam? I’ll go over that next.
Red Flags that the email is a scam
It’s time to take a look at red flags that show this email is a scam and there are several of them. Now in the past, I’ve usually said that you want to look for some of the most blatant ones which would be spelling and grammatical errors and a lot of times, scam emails contain quite a bit of them, but there are times scammers do take particular care to make them nonexistent or very minimal.
This email does not actually have any serious spelling or grammar errors that would give this email away so that right there would make this email seem like it’s more legitimate. So what do you do when you don’t spot any of these errors? Well, let’s go back to the beginning of the email and pay close attention to it.
Notice how it says “Dear Customer“. This should be a major red flag and I’ll tell you why. If you legitimately have an account with Amazon or any other company that an email claims to be from, why wouldn’t they address you by name, especially your first name? Why would it be “Dear Customer”? I mean that could be for anyone with Amazon because if you think about it, if something was truly wrong with your account, you’d certainly want to make sure it is definitely yours and not anyone else’s.
Let’s take a small look at an actual email I received from Amazon recently as I placed an order for an item there. It says “Hi Brian, your package will arrive:“. For safety concerns, I won’t post the rest of it, but that is truly how an email from Amazon is supposed to start out. They say my first name so that lets me know that it is legitimate.
Are there any other red flags to look for? The answer is definitely yes. Remember when I was talking about the email address and how you want to check it to see if it’s legitimately from Amazon or not? Well I’m going to show you how to recognize that this particular email address is definitely not an Amazon one.
A Fake email address
I’ve said this before in past articles of phishing emails and I’ll say it again. Checking an email address will always be your biggest red flag. The scammers may become better at keeping spelling and grammatical errors out of these type of emails, but the email itself has to come from a specific email address and if you know where to look, they’ll never be able to hide that.
Now the email address at first glance might really seem like it’s from Amazon as it has firstname.lastname@example.org. Once you open the email fully though and then look at the top, you’ll see that there’s another email address beside the no-reply one. As you’ll see, it’s a FAR longer address that feels like it’s nothing but a jumbled mess of random numbers and letters.
That is the true email address and one the scammers have actually used even though they tried to disguise it as a legitimate email address from Amazon. You’ll want to always check this before anything else as this will always show whether the email is legitimate or a scam.
Also, the case number or ID in the subject line is fake. They just put it there to make it seem like the email is the real deal and to try to get you to panic. Don’t fall for it as they just made up some random number so it will seem like it’s real.
Always be vigilant
You always want to be vigilant this time of year in your inbox because scammers are going to do whatever they can to try to get you to fall for one of their emails. Anything that addresses you as dear customer is not going to be real and most likely any email that says your account is locked, restricted, has issues, or whatever else could go wrong with your account, is more than likely fake.
You never want to click the link in one of those emails because it will take you to a website designed to look like Amazon, but really isn’t and if you try to log in with your real Amazon credentials, the scammers will have your true Amazon log in information and will be able to log into your actual account and start doing damage such as ordering things, changing your shipping address, payment information, password, etc.
If this has happened to you, you’re going to want to contact Amazon immediately to let them know that your account has been or is in danger of being compromised. More than likely they’ll freeze your account or might even ask you to create a new one.
Getting an email saying that your Amazon account has been locked is always worrying and if you truly believe that it might’ve actually happened to your account, you just need to open a separate web browser and then type in amazon.com and log in to your actual account. What you’ll more than likely see is that your account is perfectly fine. These type of emails are designed to cause you to panic. They don’t want you to think logically as they want you to truly believe something is wrong with your account and then to click their link inside the email so that they can try to get your log in credentials. Now that you’ve seen some more phishing scam examples and know what to look for, you can prevent yourself from becoming a victim.