.png)
BOOK THIS SPACE FOR AD
ARTICLE AD21. May 2021
This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Scammers are using a unique methodology called ‘vishing’ to trick online customers. In a vishing attack, the fraudster impersonates someone from Amazon but uses a phone call as the weapon of choice. Another tactic employed by the cybercriminal is via email with a contact number and requesting the receiver to call that number.
Recently, cybersecurity firm Armorblox discovered two distinct email campaigns posing as Amazon. Both emails were identical with a similar Amazon branding and followed a pattern similar to real order confirmation emails from Amazon but, if one knows where to look, there are many indications that the emails are fraudulent.
The first indication is that the emails are sent from a Gmail address or one that looks like it “might” belong to Amazon (no-reply@amzeinfo[.]com) and the recipient is not addressed by their name (a piece of information Amazon would know).
Armorblox researchers noted that scammers are not using the old taction of including a malicious attachment or URL / link, which allowed them to bypass any detection controls that block known bad links. They also made other choices that allowed them to slip past any deterministic filters or blocklists that check for brand names being impersonated (e.g., by writing AMAZ0N – with a zero instead of an “O”).
Bengali (Bangladesh) · 
English (United States) ·