A few recent campaigns aim to lift personal information and credentials under the guise of Amazon package-delivery notices.
During the pandemic, Amazon has become a staple of people’s lives as they order everything and anything. Cybercriminals have latched onto the delivery behemoth as a lure for phishing e-mails, aware that the many legitimate delivery messages also reaching people’s inboxes offer cover.
Researchers at Armorblox spotted a pair of savvy campaigns leveraging Amazon: a credential-phishing attempt posing as an Amazon delivery-failure notice, and a voice-phishing attempt that also used an Amazon delivery order as its lure. The sender domain and name seem to indicate that the e-mail came from a legitimate third-party vendor’s account, permitting it to successfully pass authentication checks.
The e-mail informed recipients that their order would be canceled if they didn’t update their payment details within three days, creating a sense of urgency that was then used for phishing. It also includes a link to a page for updating Amazon billing information – and this is exactly where the attack starts.
To Read More: Threatpost