Chapter in this post:
There is currently a new Amazon phishing email going around with the subject New authentication method reads. How you proceed when you receive such a dubious email that is supposed to come from Amazon, I've summarized that for you. Also good to know: Before you delete the suspicious-looking Amazon email, you can send it to a service of the mail order company so that the matter can be investigated there. So you can take active action against phishing and spoofed mails. What you shouldn't do: Click on the links included.
I got the email with the subject twice New authentication method in the mailbox this morning. Once addressed to the email address that I actually use on Amazon; once to a second address that I do not use for Amazon. That was the first suspicion even before reading the mail. But there is also the text:
"This email lays down a number of minimum requirements for the security of Internet payments. The EBA guidelines are based on the provisions of Directive 2007/64 / EC2 (“Payment Services Directive”, “PSD”) on the information requirements for payment services and the obligations of payment service providers when providing payment services. In addition, Article 10 (4) of the PSD stipulates that payment institutions must have solid corporate management and appropriate internal control mechanisms in place. For online payments, this means that a new, more secure method of customer authentication must be introduced. To ensure the security of your customer data, a comparison of the stored information is mandatory. Please watch out for possible incorrect entries during the authentication process, should we discover a discrepancy to the data stored with us, your account will inevitably be blocked."
A fake email that claims to be from Amazon often has some flaws. At first glance, the text of the sample mail (apart from comma errors) does not seem like it; however, the tonality is completely different than regular notifications from Amazon. Amazon declares more for the little man and the little woman, less in the legal style and without subliminal threats such as "Should we discover a discrepancy between the data stored with us, your account will be inevitably blocked". In addition, the mail was completely nonsensically formatted as a column:
Recommended reading: Do I need antivirus software on the Mac or MacBook?
In addition to the tonality and the formatting, it is noticeable that a note was received in the received mail (at the bottom): "With this service announcement we inform you about important changes regarding your Amazon account.“- Not bad, but Amazon does not mess with umlauts. And so we come to the next sticking point: the email was sent from a .co.uk address. For a German e-mail to German Amazon customers who have delivery to Germany, that is also nonsensical.
If you get such a message, then do not click any link - for example in the said message the link "Verify account“. Let the cursor (the mouse pointer) move over the link or button and see which link target you Browser or show mailing program. In this case it was a bit.ly link – why should Amazon use a URL shortener? That doesn't make any sense either. Obviously someone wants to hide a phishing site here. So never click on such a link, and if you do, then never give your data, your password and so on. Even if there is talk of authentication and the closure of the customer account is threatened.
You can report fake messages (phishing, spoofed mails, etc.) to Amazon.de help. And this is how it works: Write a new email and attach the phishing attempt as an attachment. In this way, all the necessary information is retained. Various assistants such as Outlook, Thunderbird or Mail from Apple simplify this. Send this email to firstname.lastname@example.org. If you can't attach the outgoing email, just forward it to the address given. Further information is available from Amazon help.
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.