publishing date icon
January 13, 2023
read time icon
1 min

Amazon account locked – Phishing email impersonates Amazon to steal your login credentials

Phishing attack impersonates Amazon to steal login credentials. Check email sender is a legitimate Amazon address, hover over links to verify it leads to Amazon.com, and manually navigate to Amazon website if in doubt. Attackers may use typo-squatting or fake subdomains. Verify account status by directly visiting Amazon and signing in.

Vanguard

Threat Analyst Team

This phishing attack is impersonating Amazon in order to steal your login credentials. “Amazon account” -themed attacks are popular since the backstory of having an Amazon account, is true for many recipients.

The attack exploits human emotions with a fictitious story. By threatening to close the account permanently, the victim is urged to react to the message.

Off the Hook

  • Double check that the details match up. Do you have an Amazon account associated with this email?
  • Check that the senders email address is a legitimate Amazon address. Attackers might be using different techniques such as typo-squatting (e.g. amaz0n.com instead of amazon.com) or using subdomains that feature amazon (e.g. support@amazon.anotherdomain.com )  
  • Check if the button actually links to Amazon by hovering over it. You should be able to see the link in the lower left corner of your browser window.
  • Browse directly to Amazon by typing amazon.com into your browser and sign-in to check if your account is really locked or not

Subscribe to our newsletter