Amazon phishing attack claims your account is about to expire

Have you received an email telling you that your Amazon.com account is about to expire? Does the message urge you to confirm “wether” (sic) you wish to continue to use the account or risk deactivation?

Well, hold up a minute. Because if you respond to the notification in haste, you could be repenting at leisure.

Cybercriminals have widely spammed out an attack via email, posing as Amazon, in an attempt to trick users into handing over their credentials.

Subject: You have (1) Message from Amazon
Attached file: NO003950033.html

Message body:
Dear customer,

Your online account is about to expire and will be deactivated.

Please confirm wether you want to continue using Amazon or not.

If the answer is yes, download and complete the attached form.

If the answer is no, please ignore this e-mail.

Best wishes,
Amazon Team

Note -…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.