Online Threat Alerts (OTA)
An anti-cybercrime community alerting the public.

Phishing Amazon Invoices Sent by Cybercriminals

  • 4
  • 3,115
  • Nov. 3, 2016

Amazon customers are asked to be aware of fake invoices like the one below, which are being sent by cybercriminals. The fake invoices falsely claim that the recipients have made an order and they should click on a link in the same email messages to cancel the order or transaction if they didn't make the purchase. But, the link in the email messages goes to a phishing website that will ask visitors to sign-in with their Amazon credentials and submit their personal and credit card information for verification purposes. And, any information submitted on the phishing website will be sent to cybercriminals behind the scam, who will use the stolen information to gain access to their potential victims’ Amazon accounts, and use the accounts fraudulently. They will also use the stolen credit information fraudulently.

Advertisements

A Sample of the Fake and Phishing Amazon Invoice

From: Account BL0950@mobile.apple.com
Sent: 02 November 2016 18:11
Subject: Amazon Invoice No.: 2371663123

Amazon
Order Confirmation
Order # 93289-3215123-45679231877

Hello,

Thanks for your order. We’ll let you know once your item(s) have dispatched. Your estimated delivery date is indicated below. You can view the status of your order or make changes to it by visiting Your Orders Arriving: Friday, November 04

Your delivery option:
One-Day Delivery

Your order will be sent to:
Registered address
United Kingdom

Order Details
Order # 93289-3215123-45679231877
Placed on October 29, 2016

Elifestore Electric Pocket Digital Ph Meter Tester Hydroponics Pen Yellow

Condition: New
Sold by eLifeStore Ltd
Fulfilled by Amazon
£9.99
Item Subtotal: £9.99
Postage & Packing: £7.99
Order Total: £17.98

If you did not purchased this item and want to Cancel the transaction Please click on the link below

Amazon customers who were tricked into visiting the phishing website and submitting their information on it, should change their Amazon passwords immediately, check their accounts for discrepancies, and report any found to Amazon. They should also let their banks know that they were tricked into submitting their credit card information on a phishing website.

To prevent phishing scams, Amazon customers should not click on links in email messages to sign into their accounts. They should always go directly to Amazon’ website (www.amazon.com) and sign into their accounts from there. Once they are signed in, they can check their accounts for purchases and view important notifications.

Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Share this article with others.
Advertisements
Write / View Comments (4)
View on Online Threat Alerts (OTA)
Help Maintain Online Threat Alerts (OTA)
Copyright © 2012 - 2024 - Online Threat Alerts (OTA).