Amazon Phish Hunts for Security Answers and Payment Information

SUMMARY :

A phishing scheme targeting Amazon Prime users has been identified, aiming to steal login credentials, verification information, and payment data. The attack begins with a spoofed email claiming the user's payment method has expired. Clicking the update button redirects to a fake Amazon security alert on Google Docs, followed by a fraudulent login page. The scam then requests personal details, address information, and payment card data. This sophisticated phishing campaign not only seeks credentials but also additional information to bypass security measures. Users are advised to verify sender authenticity, log in directly to their accounts, and contact customer service for inquiries. The scheme's resemblance to legitimate Amazon processes makes it particularly dangerous for unsuspecting users.

OPENCTI LABELS :

phishing,social engineering,credential theft,email spoofing,payment fraud,fake login page,amazon prime


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Amazon Phish Hunts for Security Answers and Payment Information