A Data URI technique is used to disguise the phishing website's URL

Sep 17, 2013 19:56 GMT

Amazon customers are advised to beware of scam emails that promise a complimentary £50.00 ($80 / €60) gift card. The notifications are part of a clever phishing scam that has been making the rounds over the past few months.

The fake Amazon emails analyzed by ThreatTrack Security experts are titled “Your Complimentary £50.00 Gift Card” and they read something like this:

“Great News! To say thank you for being a loyal customer, we are giving you a complimentary £50.00 Gift Card to use on Amazon.co.uk. You are able to redeem the voucher now and can use it on any orders for full or part payment. The voucher is valid till 30/09/2013.

You can also personalise your gift card with the design and a message to yourself or if you are planning to generously gift it to another person.”

When the “Redeem Gift Card” button is clicked, victims are taken to a cleverly designed Amazon phishing website that tricks visitors into handing over email addresses, passwords, credit card information, and contact details.

Such scams are not uncommon. These emails have been spotted by Amazon customers since around June. However, there’s something about this particular campaign that makes it stand out.

For the URL of the phishing site, the cybercriminals use a Data URI technique, which makes it look peculiar.

“There could be many reasons why the person responsible for the above site did this – perhaps they thought ‘obviously fake URL’ would trigger an alarm for many end-users, but ‘complex and random string of apparent gibberish’ would not,” ThreatTrack Security’s Christopher Boyd noted in a blog post.
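For mail or web filtering, a `data:` URI in a link is easy to flag and decode. The following is an added example, not code from ThreatTrack or the original article: it scans HTML (assumed to be an email body or a page reached from it, supplied as a string) for `data:` URIs in URL-bearing attributes and marks those that decode to an HTML document containing a form. The sample input and all function names are constructed for illustration.

```python
import base64
from html.parser import HTMLParser
from urllib.parse import unquote_to_bytes

URL_ATTRS = {"href", "src", "action"}  # attributes that can carry a URL


def parse_data_uri(uri):
    """Split a data: URI into (media_type, is_base64, decoded bytes) per RFC 2397."""
    header, sep, payload = uri[5:].partition(",")
    if not sep:
        raise ValueError("data: URI without a comma separator")
    params = [p.strip().lower() for p in header.split(";")]
    raw = unquote_to_bytes(payload)
    if "base64" in params[1:]:
        raw = b"".join(raw.split())  # tolerate embedded whitespace
        raw = base64.b64decode(raw + b"=" * (-len(raw) % 4))
    return params[0] or "text/plain", "base64" in params[1:], raw


class UrlCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        self.urls += [(tag, k, v.strip()) for k, v in attrs if k in URL_ATTRS and v]


def find_data_uris(html):
    """Return one finding per data: URI found in a URL-bearing attribute."""
    collector = UrlCollector()
    collector.feed(html)
    findings = []
    for tag, attr, url in collector.urls:
        if url.lower().startswith("data:"):
            media_type, is_b64, raw = parse_data_uri(url)
            body = raw.decode("utf-8", "replace").lower()
            findings.append({"tag": tag, "attr": attr, "media_type": media_type,
                             "base64": is_b64,
                             # an HTML document carrying a form is the case to escalate
                             "suspicious": media_type == "text/html" and "<form" in body})
    return findings


# Constructed sample: a harmless HTML stub in a data: URI, an inline image, a normal link.
_STUB = base64.b64encode(b"<form><input name=q></form>").decode()
SAMPLE_HTML = (f'<a href="data:text/html;base64,{_STUB}">Redeem Gift Card</a>'
               '<img src="data:image/gif;base64,R0lGODlhAQABAAAAACw=">'
               '<a href="https://www.example.com/">ordinary link</a>')
```

Inline images are reported but not marked suspicious, since `data:` URIs for small images are common in legitimate HTML mail.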

Users are advised to be extra cautious when entering their personal and financial details online. In general, make sure the website that requests the data is protected by an SSL certificate, indicated by the padlock icon and the https connection.
