- sir appleot - A passion for Apple knights for over 20 years
Chapter in this post:
Once again there is a message from the area of phishing, because I received an email that night that allegedly came from Amazon. The sender name is Amazon.de security center and the subject includes "New Message!", a Ref-No. and my name. But here, too, as with many previous examples, there are clear indications that this is not a real e-mail from Amazon, but phishing, with which fraudsters want to get my data. This time there is also a Cyrillic letter as a guide;)
I received the phishing email on behalf of Amazon on May 19, 2020. They expose typical and obvious errors as frauds intended to steal data.
New message from the Amazon security center? This is phishing!
The first part of the email is as follows (with the recipient's name instead of NAME):
Hello (NAME),
An attempt was made to access your user account. Our security department has set up an unauthorized login in connection with your personal user account.
In the following section you will find all further information:
This is followed by the “information” that there should have been an unknown “login attempt”, when the corresponding time was, where the location should have been (Kaohsiung, China) and which IP should have been used (240.184.125.210). I will deal with the logical errors in this list below. The email continues after the info block in the following manner:
If yоuе tо log in, you do not need tо initiate оnе further steps. However, if you not the case when you tried to log in, it is necessary to immediately check your data and activate your account.To begin with the consumer information comparison, please click on the following button:
Start the process
Amazon Phishing Mail: The usual signs are there
At first glance, the email looked ... well, not really real either. She immediately showed her true colors to the trained eye. But before I get to the strange characters that activate the phishing alarm bells directly for me, I would like to go into the general characters of a fraudulent e-mail, which also apply here:
- Sender e-mail address: The security cender as the sender name cannot hide mailer@518963720-50.email as the sender e-mail address
- Bad German: An effort was made, but the choice of words, punctuation and other indications indicate a bad translation
- Links do not lead to Amazon: NEVER click on links in suspicious emails, just hover over them with the mouse cursor - the button for this email shows "hohu.tax" (whatever that should be)
- Other links such as "My Orders", "My Account" and "Amazon.de" also do not lead to the desired pages, but to fraudulent pages
- Various details in the email are simply wrong
Letters and other (logical) errors in the Amazon phishing email
This phishing email on behalf of Amazon is something special. Where other scam emails are always more difficult to identify as such (see list below), this example shows how amateurish some scammers still act. Here are a few amusing mistakes that the email immediately exposed to me as total nonsense:
- In the subject there is a instead of an E, the symbol for EU Directive 76/211 / EEC for pre-packed goods (see Wikipedia)
- In the text, instead of an e, there is a Ҽ, a Cyrillic letter, which is separated from the lowercase E with an Ogonek and is pronounced more like a č (see Wikipedia)
- I leave it up to diplomatic interpretation whether one should officially locate Kaohsiung in China - I think one should state Taiwan as the country (see Wikipedia)
- The IP address 240.184.125.210 will most likely not have been used for an Amazon login because it is reserved (see Wikipedia)
- The Amazon logo and the footer are missing in the email; In addition, the layout is borrowed from a shipping confirmation, only that “order number” has been exchanged for “file number”
As you can see, you don't need to worry about unauthorized access to your Amazon account because of this email. Because she is total nonsense. You can either ignore them and delete them directly (and block the sender) or you can delete them before deleting them report to Amazon.
More articles on phishing and the detection of fake emails
- What are phishing emails? Recognize the characteristics of fake post!
- PayPal e-mail on "Directive 2015/2366 (PSD2)" is phishing!
- Email warning from the lawyer? That could be phishing!
- Caution: Sparkasse phishing emails are in circulation
- DE-SAM32013: Undeliverable package - SMS spam with an expensive subscription!
-
Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.
Maybe also interesting?
"PP Customer Service" - New phishing email on behalf of PayPal
What are phishing emails? Recognize the characteristics of fake post!
Warning: Amazon security alert email is a phishing email
Attention: very well camouflaged Sparkasse phising mail on the subject of S-PushTAN on the go
Phishing warning: ALL-INKL webmail email is not genuine
MasterCard email: card blocked or just phishing?
Current warning of Postbank phishing emails
Caution: Sparkasse phishing emails are in circulation
Jens has been running the blog since 2012. He appears as Sir Apfelot for his readers and helps them with problems of a technical nature. In his free time he drives electric unicycles, takes photos (preferably with his iPhone, of course), climbs around in the Hessian mountains or hikes with the family. His articles deal with Apple products, news from the world of drones or solutions for current bugs.
1 comment
Very helpful site, I can only recommend it!