![]() Our first steps were simply to check where the link went, rather than downloading the actual content it linked to. Nevertheless, we thought we’d follow the phishing link ourselves, just to see how convincing the final result would be – most phishing sites have some sort of “teachable moment” that we can learn from, no matter how smart we think we are already. Although an HTTPS link would not mean that the page is safe, you should treat all HTTP links as unsafe – even if you trust the website at the other end – because unencrypted web connections can easily be snooped on by other people. The link the crooks want you to click uses HTTP. ![]() Therefore the correct action is never to click, whether you believe the link or not. But if the email is true, you can simply go to the Amazon site yourself, or use the Amazon app – the online location of Amazon isn’t a secret. If the email is a scam, the link will be false. There’s no need to click the link in the email.The greeting “Dear Suspended user” looks, and is, peculiar and suspicious. (Online services want to keep you as a customer, not to throw you out!) Amazon almost certainly wouldn’t use words such as “we will be forced to deactivate your account”, and the company wouldn’t need to deactivate your account for failing to respond within a day. There’s an unreasonable sense of urgency and drama.We think fluent speakers of English would notice these and be suspicious. There are numerous grammatical and writing errors in the message.We don’t think that Naked Security readers would fall for this one, for several reasons: We will be forced to deactivate your account automatically if you do not verify your identity. You will not be able to Buy and Sell on amazon until you have click the link below to confirm your account details before 24hrs of receiving this message. Your Billing Address Does Not Match Our Records Your Prime Membership Account Has Been Suspended Due To The Following Problems Below: The “good” news, of course, is that verifying our account was as easy as clicking a link in the email: To add a bit more fear and urgency, the crooks went on to warn us that if we didn’t complete the verification process within 24 hours, then our account would be deactivated, not merely suspended. The scam had an Account Locked subject line, with a warning that we wouldn’t be able to buy or sell anything via Amazon’s services until we verified our account. Earlier this week, we received a moderately believable Amazon Prime phish via email.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |