scam – phishing emails on the rise

Amazon’s hefty user base is a goldmine for online fraudsters, because it spans people who are perfectly comfortable with the idea of buying goods on the Internet and hence have their credit card information tied to their accounts. Phishing through stratagems like the scam is the most common way for crooks to take over one’s Amazon account. Here’s what you need to know about this particular ruse.

What is the scam?

An email that appears to come from is a telltale sign of phishing, a technique aimed at wheedling out sensitive information for financial gain. Obviously, hacking the services of such an ecommerce giant as Amazon is easier said than done. This is the primary reason why the e-swindlers out there choose to engage in social engineering rather than super-complex breaches. Humans are often simpler to exploit than machines, and the malicious actors know it. The hoax does have a bit of the hacking flavor in it, though. Given that it’s a fraud, how can it possibly come from an Amazon domain? The answer is, it doesn’t. The crafty criminals leverage what’s called email spoofing, which means forging the sender information shown in the message header. As a result, the ill-minded sender may impersonate another person or organization.
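Because the visible sender is forged, the headers around it are where the mismatch shows. The following is an added example, not part of the original article: it compares the domain in `From:` with `Return-Path`, `Reply-To` and the receiving server's DMARC verdict. The sample message, the `placeholder@amazon.com` address and every `.example` host are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not a real capture; every address and host is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example>
Authentication-Results: mx.recipient.example;
 spf=pass smtp.mailfrom=mailer.example;
 dkim=none;
 dmarc=fail header.from=amazon.com
From: "Amazon" <placeholder@amazon.com>
Reply-To: support@mailer.example
To: user@recipient.example
Subject: [Daily Email Report] constructed sample

Constructed body.
"""

def domain_of(value):
    """Lowercased domain of the address in a header value, or ''."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def auth_verdicts(msg):
    """Map spf/dkim/dmarc to the verdict in Authentication-Results.
    Only trust this header when your own receiving server added it."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for part in header.split(";")[1:]:  # part 0 is the server id
            method, sep, rest = part.strip().partition("=")
            if sep and rest.split():
                verdicts[method.lower()] = rest.split()[0].lower()
    return verdicts

def spoofing_signals(raw):
    """Return reasons to distrust the visible From: address."""
    msg = message_from_string(raw)
    shown = domain_of(msg["From"])
    signals = []
    if auth_verdicts(msg).get("dmarc") != "pass":
        signals.append("dmarc-not-pass")
    for name in ("Return-Path", "Reply-To"):
        other = domain_of(msg[name])
        if other and other != shown:
            signals.append(f"{name.lower()}-domain-differs")
    return signals

if __name__ == "__main__":
    print(spoofing_signals(SAMPLE))
```

A differing `Return-Path` or `Reply-To` domain alone also occurs in legitimate bulk mail; it is the combination with a failed DMARC check that marks the visible sender as forged.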

Phishing email from

So, clearly, these messages are sent by crooks rather than the ecommerce service in question. What are their contents about? The basic idea is to impose pressure and feign urgency regarding the matter. The manipulative email subjects vary, but they’ll always be something like the following strings:

[Statement from Amazon is available] [Daily Report Email] – Your account checking setting data has been changed on {date} {report ID}

[Amazon Statement Report] [Automatic Daily Mail] “Verify your billing and/or shipping address using a web browser {report ID}

[Daily Email Report] Latest: It appears that your account settings have been changed on other devices {date} / Number {report ID}

Another catch is about the file attached to this faux message. It is a Microsoft Word document named “Amazon Customer Service”, “Amazon Service Center”, “Customer-Service-{random ID number}”, or similar. It may be hosted at Google Docs in some cases. This file says that some account information is missing, or it states that a few suspicious charges worth hundreds of dollars have been made on the account. In the latter case, the pseudo alert may even include valid details about the recipient’s credit card, such as its type and several last digits of its number.

Word document attached to the fraudulent message

The pivot point of this hoax is that the victim is instructed to follow a link embedded in the above-mentioned Word document, which supposedly leads to the Amazon login form so that the person can authenticate and add the requested information. The linked-to web page may, indeed, resemble the authentic login page, and it has the right fields to fill out. However, there is a big giveaway that will hopefully draw the attention of a prudent individual. The URL of the landing site is incorrect. Although it is composed of keywords ostensibly associated with the simulated case (see image below), it has nothing to do with Amazon’s genuine sign-in domain.

Phony Amazon login form
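The URL check described above can be made mechanical: what matters is the hostname the browser will actually contact, not the keywords that appear anywhere in the address. This is an added example, not part of the original article; the `GENUINE` allowlist is an assumption and all `.example` URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumption: registrable domains the user really signs in on.
GENUINE = {"amazon.com"}

def signin_url_verdict(url, allowed=GENUINE):
    """Classify a link by the host it really points to."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
        # Convert internationalised names to their ASCII (punycode) form so
        # look-alike characters cannot pass for the real spelling.
        host = host.encode("idna").decode("ascii").lower()
    except ValueError:  # malformed URL or un-encodable host
        return "malformed"
    if parts.scheme != "https":
        return "not-https"
    if parts.username is not None:
        # "https://brand@other-host/": text before '@' is not the host.
        return "userinfo-in-url"
    if any(host == d or host.endswith("." + d) for d in allowed):
        return "genuine-host"
    return "host-not-allowed"

if __name__ == "__main__":
    for link in (
        "https://www.amazon.com/signin",
        "https://amazon.com.signin-update.example/signin",
        "https://secure-billing.example/amazon.com/signin",
        "https://www.amazon.com@login.example/signin",
        "https://www.amaz\u043en.com/signin",  # Cyrillic 'o' look-alike
    ):
        print(f"{signin_url_verdict(link):18} {link}")
```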

It doesn’t take a genius to figure out what happens if a user ends up entering their authentication details in this fake login form. The email (or phone number) and the password will be instantly sent to the scammers’ server. A full account takeover is the most likely upshot of this activity. It means the criminals will get hold of the victim’s personal data, including payment card information. On top of that, they might change the password to prevent the actual account owner from getting in. By the time the person realizes what kind of a predicament he or she is in and contacts Amazon to temporarily block all transactions, the crooks will have probably purchased a handful of high-end products on behalf of the defrauded customer. It goes without saying that the ongoing scam is no joke and it may entail serious adverse consequences for anyone who falls for it.

To be on the safe side, never click links received over email, especially if the message appears to come from an ecommerce service. If you are too curious to resist the temptation, inspect the resulting URL to make sure it’s legit. Finally, if you have received an email from, it may be an outcome of an earlier compromise or a symptom of phishing kit activity. One way or another, consider checking your system for possible threats.

alert automatic removal

The extermination of phishing can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.

1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option

2. The scan will come up with a list of detected items. Click Fix Threats to get the scam removed from your system. Completing this phase of the cleanup process is most likely to lead to complete eradication of the infection. However, it might be a good idea to consider ascertaining the alert is gone for good.