This one is awesome! I laughed when I saw this:
A) “someone who knows your password”, If they KNEW my password, they would have already been logged in.
B) It was days ago (like 10 days ago)… Even though if it was today, I wouldn’t trust it, but days ago, certainly not!
C) THERE’S A LINK TO APPROVE OR DENY! This is the scam hook! DO NOT CLICK THIS LINK (and it doesn’t go to Amazon obviously).
|
I just received a couple of these messages one day after another to one of my emails not associated with my usual Amazon log in. In the first one, the link went to a site that was identified as malware when submitted to the Virustotal URL checker. The second one listed an actual bona-fide Amazon link. On a different machine and browser I independently went to Amazon and requested a password reset of this account allegedly associated with that email address and received a valid reset to my email address. To my surprise there actually was an Amazon account with no profile details other than my name (in a format I don’t normally use) and my email address. There had never been any activity on that account – and I have absolutely no recollection of ever setting one up with that particular email address. I added a couple of extra security triggers to get alerts whenever anybody attempts to access it again!!
Please provide a link to this VirusTotal so others can use it too… And thank you for your post, sorry it took me so long to approve your post, but I really do appriciate it.
I’ve received three emails like this yesterday. On an account that isn’t connected to amazon. Two of those are for “login-attempts” at amazon.de and one at amazon.com (I never had an account on amazon.com).
What baffles me the most is that all of the links appear to be valid amazon links. I just went ahead and clicked the link for amazon.com (again, I never had an account on that domain), the site just repeated what the email said: “Someone from this and this location tried to log in, if it wasn’t you, please let us know,” with another link behind “let us know”. Clicking that only brings up a button where I can “tap to deny access”. Clicking that says “Thank you. Sign-in attempt was denied.”
I am really at a loss here. What exactly was the phising attempt? At no point was I asked to enter my password, all links seem to go to amazon, the site appears to be real. But as I’ve said: I don’t have an account on amazon.com and I never used that particular e-mail address to sign up to any amazon site.
Maybe now that I clicked that button I confirmed that the e-mail is real and I will receive further mails?
Oh, one more thing: They used my real first name. On my e-mail account I didn’t use my real name. So how on earth did they manage to link my real first name to that e-mail-address and why is there no obvious phising attempt?
So, I just tried doing what Martin did and requested a password reset on amazon.com. I too received a OTP, and the account seems to exist. However, I cannot get past the security question: “What is the phone number that ends in 41?”
I never had a phone number ending in 41. What the hell is going on here? :O
There is a lot to gleem from your post: 1) You said you never had an Amazon account, if not, then ANY email claiming to be from Amazon would be a scam and it would be best, not to click the link but simply ignored the email. Amazon likes to get paid, if you did not create the account, you did not give a credit card, they can not charge you… ignore the email. 2) You tried to reset an account you do not have, why? Their reason is, you have other accounts and most people use the same codes for more than one account (which is really bad but they do it). Your attempts, more the marrier, gave them things to try on other accounts of yours. 3) Your name is probably on social media, facebook, twitter, myspce. My favorite was getting an email claiming the sammer had my password and showed me my myspace password, of which I laughed at them. Why? because I do not use the same codes for more than one account and the myspace password had a key in it that told me it was myspace… made it easy to reply back and tell them to get lost!
What happens if you clicked on by accident tap to deny cause it seemed legit?
You’ve told them you are there but as long as you’ve not entered your password or any other information like name and address etc, then you are pretty safe.
I just got one of these and it turned out to be legitimate – my wife was trying to sign in to Whole Foods to get the Prime discount.
Yes sir! Scams are not usualy origanal or inventive. Scams take something ligitemate and twist it. Example: Counterfit money, easiest way to catch it, is know what REAL money looks like and catch the flaws. As someone else mention, an email from Amazon, is not going to come from a gmail address. So your wife examinied the email, saw the proofs it was Amazon and not gmail or an odd link and was able to log in succesfully to Whole Foods. I would have to ALSO expect that she attempted to log in generating that email to verify her log in rather than it just showing up. Because if it just showed up while NOT logging into Whole foods/Amazon, that would be odd and questionable.
Thanks for posting.
I can usually spot a “lure”, but this one was close enough that I had to check with “The Internet”.
The proper amazon link really did it. Haven’t clicked anything, and sure won’t now. 😛
The presentation is a bit too simple, though. There would’ve been some additional text, logos, something… That ‘please approve or deny.’ would have a ‘click this link to…’, or maybe two separate links to make it easy or something. Don’t you think?
I’m not completely sure I understood what you’re say. Maybe, if you still have that email, you could forward it to me? I’ll email you my email address at the email you used to post with Mike.