Amazon Phishing / Spoofed Email: Report a spoofed message

There is currently a new Amazon phishing email going around with the subject New authentication method reads. How you proceed when you receive such a dubious email that is supposed to come from Amazon, I've summarized that for you. Also good to know: Before you delete the suspicious-looking Amazon email, you can send it to a service of the mail order company so that the matter can be investigated there. So you can take active action against phishing and spoofed mails. What you shouldn't do: Click on the links included.

Detect and report fake Amazon e-mail: this is how you take action against phishing and data theft!

Detect and report fake Amazon e-mail: this is how you take action against phishing and data theft!

Suspicious message "from Amazon"

I got the email with the subject twice New authentication method in the mailbox this morning. Once addressed to the email address that I actually use on Amazon; once to a second address that I do not use for Amazon. That was the first suspicion even before reading the mail. But there is also the text:

"This email lays down a number of minimum requirements for the security of Internet payments. The EBA guidelines are based on the provisions of Directive 2007/64 / EC2 (“Payment Services Directive”, “PSD”) on the information requirements for payment services and the obligations of payment service providers when providing payment services. In addition, Article 10 (4) of the PSD stipulates that payment institutions must have solid corporate management and appropriate internal control mechanisms in place. For online payments, this means that a new, more secure method of customer authentication must be introduced. To ensure the security of your customer data, a comparison of the stored information is mandatory. Please watch out for possible incorrect entries during the authentication process, should we discover a discrepancy to the data stored with us, your account will inevitably be blocked."

How can you recognize a phishing mail?

A fake email that claims to be from Amazon often has some flaws. At first glance, the text of the sample mail (apart from comma errors) does not seem like it; however, the tonality is completely different than regular notifications from Amazon. Amazon declares more for the little man and the little woman, less in the legal style and without subliminal threats such as "Should we discover a discrepancy between the data stored with us, your account will be inevitably blocked". In addition, the mail was completely nonsensically formatted as a column:

Recommended reading: Do I need antivirus software on the Mac or MacBook?

More signs of a fake email

In addition to the tonality and the formatting, it is noticeable that a note was received in the received mail (at the bottom): "With this service announcement we inform you about important changes regarding your Amazon account.“- Not bad, but Amazon does not mess with umlauts. And so we come to the next sticking point: the email was sent from a .co.uk address. For a German e-mail to German Amazon customers who have delivery to Germany, that is also nonsensical.

Do not click any links, never enter your data and password

If you get such a message, then do not click any link - for example in the said message the link "Verify account“. Let the cursor (the mouse pointer) move over the link or button and see which link target you Browser or show mailing program. In this case it was a bit.ly link – why should Amazon use a URL shortener? That doesn't make any sense either. Obviously someone wants to hide a phishing site here. So never click on such a link, and if you do, then never give your data, your password and so on. Even if there is talk of authentication and the closure of the customer account is threatened.

Order tip: Webcam cover and camsticker for iMac, MacBook, iPhone and iPad

Send phishing mail to Amazon

You can report fake messages (phishing, spoofed mails, etc.) to Amazon.de help. And this is how it works: Write a new email and attach the phishing attempt as an attachment. In this way, all the necessary information is retained. Various assistants such as Outlook, Thunderbird or Mail from Apple simplify this. Send this email to stop-spoofing@amazon.com. If you can't attach the outgoing email, just forward it to the address given. Further information is available from Amazon help.

-

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

1 comment

  1. Jolanta says:

    With a reasonably good e-mail provider, it is neither possible to forward such an e-mail nor to send the e-mail as an attachment. With these attempts the mail is recognized as spam or virus. This is the case with GMX and Web.de and also with t-online.de.
    The only thing that helps is to forward the e-mail header (internet headers, e-mail path, headers) and to attach the mail itself, e.g. as a PDF.

Leave a Comment

Your e-mail address will not be published.