Site icon Panda Security Mediacenter

Christmas is coming – must be time for another Amazon scam

Antwerpen, Belgium - February 25, 2014: Santa's bag filled with Amazon.eu boxes. Amazon is the world's largest online retailer.

Cybercriminals are using text messages to steal customer account details in the UK

As the build-up to Christmas continues, Amazon is warning UK shoppers of a text scam that is currently in operation. Using a simple SMS message, scammers are breaking into online accounts and stealing personal data from their victims.

How does the scam work?

Like most smishing scams, the process is actually very simple:

  1. The victim receives a text message that warns of a security problem and advises them to log into their Amazon account:
    “Amazon: We detected a login into your account from a new device on 27/09/2022 at 15:10:08 UTC. If this wasn’t you, you can terminate that session via: [https://checkup-amazon.com].”
  2. The user clicks the link in the message and is redirected to a website that looks just like Amazon.
  3. The victim logs into the website with their Amazon username and password.
  4. A new page loads requesting additional information (name, address, phone number, date of birth etc) to “confirm the victim’s identity” and terminate the fraudulent session mentioned in the text message.

The problem is that the website is completely fake. Scammers are using the pages to gather valuable personal data than can be used to break into a victim’s Amazon account – or to commit other crimes like identity theft.

How to protect yourself against the Amazon SMS scam

There are a couple of ways to protect yourself against SMS smishing scams like this:

  1. Check the website address in the message. Legitimate Amazon links only appear as amazon.com, amzn.to or amzn.com – anything else is fake. Delete the message.
  2. Look at the sender’s number. Amazon uses ‘short code’ numbers (usually 5 or 6 digits). If the message comes from a standard cellphone number beginning ‘07’, it’s a fake. Delete the message.
  3. Amazon never sends SMS warnings about fraudulent logins (although they do send 2FA login codes). If you receive one, it’s a fake. Delete the message.

As with most smishing scams, the best protection against criminals is you. Whenever you receive a message like this:

  1. Don’t react immediately. The message is intended to frighten you into action before you’ve had time to think about what is happening.
  2. Check the message carefully. Does the website address look suspicious? Are there unprofessional spelling mistakes? Does anything strike you as unusual or weird?
  3. Do not click the link in the message. Instead, try logging into your account using the official app or website. If there really is a problem, there will be a message waiting for you in your account.

What else?

Amazon has asked anyone receiving one of these fraudulent SMS messages to report it to them. They will then closely monitor the potential victim’s account for suspicious activity. Amazon will also pass these reports on to the police for further investigation.

Amazon has a comprehensive guide about what to do if you receive a suspicious SMS or email message. You can read more here.

Exit mobile version