Security News > 2021 > May > Fake Amazon order emails lead to vishing

Fake Amazon order emails lead to vishing
2021-05-21 10:39

Fraudsters are sending out fake Amazon order emails and tricking online shoppers into calling a telephone number manned by them to steal the shoppers' credit card details and other sensitive information.

Both emails look contain Amazon branding and follow a structure similar to real order confirmation emails from Amazon but, if one knows where to look, there are many indications that the emails are fraudulent.

The emails are sent from a Gmail address or one that looks like it "Might" belong to Amazon and the recipient is not addressed by their name.

The actual Trojan horse in these emails is the proffered phone number that recipients are urged to call in order to place a return request or dispute the order.

The first was answered by a real person that pretended to be from the Amazon team and asked them for the order number, name, and credit card details before cutting their call and blocking their number.

A number being taken down is no great stumbling block for fraudsters, because they can quickly set up another one and send out emails with the new number.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/t-3lh-UZRR8/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Amazon 59 4 39 61 15 119