Amazon-Themed Phishing Campaigns Swim Past Security Checks
2020-07-16 13:00

Researchers at Armorblox recently spotted a pair of savvy campaigns leveraging Amazon: a credential-phishing attempt using a purported Amazon delivery order failure notice, and a voice-phishing attempt that also uses an Amazon delivery order.

Both are examples of the ever-more sophisticated phishing efforts being developed by fraudsters that are aimed at gaming traditional email security efforts, researchers said.

"The first page victims see after clicking the link in the email is a login portal. Upon closer inspection, you will notice the 'Dangerous' warning on the browser tab next to the domain; you will also notice the domain itself - sttppcappr[.]com - is clearly not an Amazon domain. But attackers bank on victims being in a rush and not engaging with the email or the phishing flow with the rational, slower-thinking part of their brains."

On the social-engineering front, he added, "The email sender name was 'Support Reply', which isn't an exact replication of an Amazon automated email but still 'robotic' enough to pass our subconscious eye tests."

According to Armorblox, the initial emails came from a Gmail account that impersonated Amazon, informing readers that their Amazon order had shipped.


News URL

https://threatpost.com/amazon-phishing-campaigns-security-checks/157495/