Amazon account locked – Phishing email impersonates Amazon to steal your login credentials

This phishing attack is impersonating Amazon in order to steal your login credentials. “Amazon account” -themed attacks are popular since the backstory of having an Amazon account, is true for many recipients.

The attack exploits human emotions with a fictitious story. By threatening to close the account permanently, the victim is urged to react to the message.

Off the Hook

• Double check that the details match up. Do you have an Amazon account associated with this email?
• Check that the senders email address is a legitimate Amazon address. Attackers might be using different techniques such as typo-squatting (e.g. amaz0n.com instead of amazon.com) or using subdomains that feature amazon (e.g. support@amazon.anotherdomain.com )  
• Check if the button actually links to Amazon by hovering over it. You should be able to see the link in the lower left corner of your browser window.
• Browse directly to Amazon by typing amazon.com into your browser and sign-in to check if your account is really locked or not

‍