If you receive an email from Amazon telling you that there has been suspicious activity on your account and that you need to update your account information, be wary.
The email has a combination of English and French in the subject line and says that there are problems with your account and you need to update the account details or your account will be officially permanently disabled.
When a victim clicks the "Update Now" button in the email, they are taken to what looks like an Amazon log in page and prompted for the email and password. After entering credentials, the victim is then prompted for their billing address and then finally their credit card information.
Once all of this is entered, the victim is redirected to the real Amazon website.
Southwest Cyber wants to take this opportunity to remind everyone to look for red flags with all emails. This one has several:
- Typos and bad grammar
- A different language than what you use
- The link you are taken to is not the www.amazon.com website.
Regardless of any red flags that you see, never click on any links sent to you in an email that you were not expecting (even be cautious with those you were expecting!). If you receive an email saying there is an issue with your account, go directly to your account (Amazon, your bank, etc.) and look for any notifications there.
To read more on this specific attack, see the HackRead article here.