Amazon Phish Hunts for Security Answers and Payment Information

Feb. 19, 2025, 8:56 a.m.

Description

A phishing scheme targeting Amazon Prime users has been identified, aiming to steal login credentials, verification information, and payment data. The attack begins with a spoofed email claiming the user's payment method has expired. Clicking the update button redirects to a fake Amazon security alert on Google Docs, followed by a fraudulent login page. The scam then requests personal details, address information, and payment card data. This sophisticated phishing campaign not only seeks credentials but also additional information to bypass security measures. Users are advised to verify sender authenticity, log in directly to their accounts, and contact customer service for inquiries. The scheme's resemblance to legitimate Amazon processes makes it particularly dangerous for unsuspecting users.

External References

https://securityboulevard.com/2025/02/amazon-phish-hunts-for-security-answers-and-payment-information/
https://otx.alienvault.com/pulse/67b50f0432f066c6add22ef3
Tags
phishing
social engineering
credential theft
email spoofing
2025-02-18
payment fraud
fake login page
amazon prime

Date

  • Created: Feb. 18, 2025, 10:51 p.m.
  • Published: Feb. 18, 2025, 10:51 p.m.
  • Modified: Feb. 19, 2025, 8:56 a.m.

Indicators

  • http://recordzonerequiredaccountpaneluseraccpymntnew.srilankan.com.mv/signin?verify=cr51_23764
  • http://qr-codes.io/unPek2
  • recordzonerequiredaccountpaneluseraccpymntnew.srilankan.com.mv
Download all indicators here!

Attack Patterns

Additional Informations

  • Retail
  • Technology
  • Finance