[ad_1]
Amazon's invented holiday on "epic contracts" and the painstaking work of its warehouse employees is fast approaching and therefore appears to be a pretty convincing phishing scam disguised as emails by the technology giant.
McAfee researchers discovered an "Amazon Phishing Kit" in May this year, designed after a phishing scam that hit Apple users last year, according to a blog by the security company. The researchers believe that the same group is behind the attack of Amazon alongside another malicious actor.
How phishing scams evolve – and how not to get caught
Phishing is one of the most reliable methods that a potential hacker can use to access your …
Read more
The kit allows someone to create an email with a PDF attachment similar to the one sent by Amazon. The links included in the email direct the victim to a fake Amazon login page. According to images published by McAfee, they are rather convincing, although they are quite basic in terms of phishing. Links that direct someone to the wrong login page are malicious, however, and the researchers wrote that any data collected after someone clicked on the link would be sent to the kit creator via Telegram .
If a person falls into the scam and fills in the information requested on fake web pages, then they will have their name, their Amazon password (and if this password has been used for other websites, access to these accounts too), his birthday, his address, credit card information and social security number, reported Wired.
"Cybercriminals are taking advantage of popular and highly visible events as consumers expect more email, while their malicious emails can hide more easily," Wired Crane Hassold threat intelligence at Agari, a digital fraud defense company. "Consumers are also more likely to receive advertising or marketing emails during certain times of the year (Black Friday, Christmas, Memorial Day) and cyber criminals modify their attacks accordingly to increase their chances of success.
While the Amazon version of the phishing scam had been discovered in May and that it had already been deployed more than 200 times, Prime Day is a favored day to target Amazon's customers by train vibrate about good deals and therefore more inclined to click on links with less healthy skepticism.
The main day is July 15th and 16th. So be particularly careful when you click on what might be a suspicious email from the company on those days. You can always check if the e-mail is sent from a legitimate Amazon domain, but this can be spoofed. The researchers therefore recommend that if an e-mail asks you to browse their website to enter personal information, you will do so manually. on the login page rather than being led by a potentially malicious link.
You can also stick to the man simply by not letting yourself be seduced by the company-made holidays, helping Amazon workers grossly abused by sending those Amazon emails to the trash .
[ad_2]
Source link