Phishing Amazon Invoices Sent by Cybercriminals

4
4
3,123
0

Nov 3, 2016 2016-11-03T11:48:32-05:00
Nov 3, 2016 2016-11-03T11:50:47-05:00

Online Threat Alerts (OTA)

Phishing Amazon Invoices Sent by Cybercriminals

Amazon customers are asked to be aware of fake invoices like the one below, which are being sent by cybercriminals. The fake invoices falsely claim that the recipients have made an order and they should click on a link in the same email messages to cancel the order or transaction if they didn't make the purchase. But, the link in the email messages goes to a phishing website that will ask visitors to sign-in with their Amazon credentials and submit their personal and credit card information for verification purposes. And, any information submitted on the phishing website will be sent to cybercriminals behind the scam, who will use the stolen information to gain access to their potential victims’ Amazon accounts, and use the accounts fraudulently. They will also use the stolen credit information fraudulently.

Advertisements - Continue reading below

A Sample of the Fake and Phishing Amazon Invoice

From: Account BL0950@mobile.apple.com
Sent: 02 November 2016 18:11
Subject: Amazon Invoice No.: 2371663123

Amazon
Order Confirmation
Order # 93289-3215123-45679231877

Hello,

Thanks for your order. We’ll let you know once your item(s) have dispatched. Your estimated delivery date is indicated below. You can view the status of your order or make changes to it by visiting Your Orders Arriving: Friday, November 04

Your delivery option:
One-Day Delivery

Your order will be sent to:
Registered address
United Kingdom

Order Details
Order # 93289-3215123-45679231877
Placed on October 29, 2016

Elifestore Electric Pocket Digital Ph Meter Tester Hydroponics Pen Yellow

Condition: New
Sold by eLifeStore Ltd
Fulfilled by Amazon
£9.99
Item Subtotal: £9.99
Postage & Packing: £7.99
Order Total: £17.98

If you did not purchased this item and want to Cancel the transaction Please click on the link below

Amazon customers who were tricked into visiting the phishing website and submitting their information on it, should change their Amazon passwords immediately, check their accounts for discrepancies, and report any found to Amazon. They should also let their banks know that they were tricked into submitting their credit card information on a phishing website.

To prevent phishing scams, Amazon customers should not click on links in email messages to sign into their accounts. They should always go directly to Amazon’ website (www.amazon.com) and sign into their accounts from there. Once they are signed in, they can check their accounts for purchases and view important notifications.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search engine. Search

Write your comment or view the ones below. +

Save

Was this article helpful?

Advertisements - Continue reading below

Comments, Answers, Reviews or Questions

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. Please keep conversations courteous and on-topic.

Comments 4

Nov 27, 2019 at 1:56 PM by an anonymous user from: New York, United States

Yes, I received a message from this number. (715)496-6978
"Dear Jose, thanks for your purchase. Your order was processed for delivery. View your delivery details here hxxp://i965j.site/fbkb93"
I just copy the link and paste it into the browser. "NEVER CLICK THE LINK"

Nov 8, 2016 at 1:12 PM by an anonymous user from: Kansas City, Kansas, United States

The company I work for has received 2 of these in the last week. One showed a purchase of almost $7,000 and the other of $1,400. The emails had 2 links, either for viewing the invoice, the other to cancel the order. Thankfully the employee that received it came and got me before proceeding. They are using fake amazon-ish websites, one was amazonbilling the other amazonwestva, to help them seem legit, but if you hover over the links, you'll notice that they direct you to my.sharepoint.com, something decidedly un-amazon.

Nov 6, 2016 at 12:19 PM by an anonymous user from: Hereford, England, United Kingdom

Received this email earlier on today advising that I had ordered exactly what is on the example email above - Elifestore Electric Pocket Digital Ph Meter Tester Hydroponics Pen Yellow.
I did click on the cancel link but I didn't get as far as providing any financial information.

Nov 4, 2016 at 4:51 PM by an anonymous user from: Belfast, Northern Ireland, United Kingdom

Just received this email to one of my email addresses where I do not hold an account. Therefore, I know it is fake! Thank you for the update and reassurance though! I did panic a wee bit!

Chels :)

Advertisements - Continue reading below

Write Your Comment, Answer, Review or Question

Enter comment, answer, review or question.