Holiday shoppers who use Amazon.com to purchase gifts will want to look out for a new scam claiming their order can't ship. Around the beginning of December, users first caught wind of a scam that's dampening the holiday cheer for users in the United Kingdom and Australia. The bogus emails state "Your Amazon.com Order Cannot Be Shipped" in the subject line and then urge users to take action so that they can quickly resolve the issue. The main part of the ruse reads as follows:
"Hello,There was a problem processing your order. You will not be able to access your account or place orders with us until we confirm your information.click here to confirm your account.We ask that you not open new accounts as any order you place may be delayed."
Amazon scam email (Source: AARP) Each of the emails comes with a "click here" URL. If a user clicks on it, the scam redirects them to a seemingly legitimate page created by Amazon to verify a user's information. The page specifically asks for a victim's name, contact information, and credit card information (including expiration and CVV security code). That's all the scammers need to make fraudulent payment card purchases in the victim's name.
The fake Amazon page (Source: AARP) Once a user enters in their information and clicks "Save & Continue," the scam redirects them to the real Amazon website. They think all is well and that their purchase is on its way while the scammers are off committing identity fraud. So how can users protect themselves against this scam? First, if people receive an email with a link that Amazon appears to have sent, they should check the "from" field. The domain should yield some email address ending in "@amazon.com." If it doesn't, you know it's a fake. Second, users should hover over the "click here" link. That URL should redirect to a page associated with Amazon's domain. It probably won't, in which case it's a scam. Finally, if users receive an email from Amazon that claims an order of theirs hasn't shipped, they shouldn't click anything in the email. Instead they should sign into their accounts and verify the status of the order from the "Your Orders" feature. News of this scam follows two years after researchers discovered a sophisticated malicious advertising network targeting both Mac and Windows users through dozens of high-traffic sites including Amazon.
Meet Fortra™ Your Cybersecurity Ally™
Fortra is creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions. Learn more about how Fortra’s portfolio of solutions can benefit your business.
