Online Payment
image description

tech blogging > our corner of the web

tech blogging >

Seller Beware :: Amazon Email Scam

Wednesday, May 10, 2017
By Tim Felstead, IT Consultant

People need to be careful and informed to avoid a phishing attack.

If you're like most, your email Inbox is an important part of your day. However, during the hectic pace of the business day, it can be too easy to miss a security threat staring at you from your own computer screen. Nowadays, it’s best to slow down and take a few extra minutes when going through your Inbox. Here is a case in point. I recently received an email that stated there was a balance due on my Amazon seller account and asked that I update my credit card information. I was immediately suspicious. After looking closer, I realized it was a sophisticated phishing email attempting to steal my credit card information.


As you can see, they put some effort into making this look like an official message. The email address appears to be from Amazon Seller Notifications and there’s even Copyright information at the bottom of the message. They even used good grammar on the message. Poor grammar or multiple incorrectly spelled words are the very first red flag that a message is a fraud.

So let’s break down how we can determine if a message is legitimate or not.
1. Is the email relevant to you? In this case, No I don’t have an Amazon seller account. If you get an email from a bank, store, or other online vendor and you don’t bank with that company, shop there, or have an account with them… delete the message because it’s a scam.

2. Is the sending email address complete? If you notice, the address on this email does not contain a .com on the end of the address. The senders address as listed is <seller-notification@amazon>, not <seller-notification@amazon.com>. Always check the sender's email address.

3. Will the link take you to the correct website? In the message, when I hover over the embedded link for “Seller Account information” I can see that the address is not for Amazon.com. The link is actually sending me to the URL http://vuongqucsen.com/indx.html.php?id=dGltZA0=. Not only is this not Amazon.com, it is not a secure link. A secure link is indicated by the “s” in https://. Always carefully mouse over any embedded links in a message to see where the URL will actually be taking you.

If the message seems questionable, odds are good that it is. A couple quick checks beforehand can save you hours of grief later on. If you have questions on a potential phishing scam or what to do if your network has been compromised, call our help desk at 616.837.6930.
Comments
Post has no comments.
Trackback Link
http://www.itrw.net/BlogRetrieve.aspx?BlogID=11506&PostID=1496131&A=Trackback
Trackbacks
Post has no trackbacks.