216.73.216.133

Amazon Phish Hunts for Security Answers and Payment Information

· Published 18/02/2025 22:51 · Modified 19/02/2025 08:56

Export JSON

Essential information

Published
18/02/2025 22:51
Modified
19/02/2025 08:56
Tags
2025-02-18 amazon prime credential-theft email spoofing fake login page payment fraud phishing social engineering
Related entities
3 observables, 9 techniques (mitre), 3 others

Description

A scheme targeting users has been identified, aiming to steal login credentials, verification information, and payment data. The attack begins with a spoofed email claiming the user's payment method has expired. Clicking the update button redirects to a fake Amazon security alert on Google Docs, followed by a fraudulent login page. The scam then requests personal details, address information, and payment card data. This sophisticated campaign not only seeks credentials but also additional information to bypass security measures. Users are advised to verify sender authenticity, log in directly to their accounts, and contact customer service for inquiries. The scheme's resemblance to legitimate Amazon processes makes it particularly dangerous for unsuspecting users.

External references