RCMP in Manitoba have sent out a warning about a sophisticated Amazon phishing scam making the rounds.
Phishing email scams look to create authentic-looking web pages to trick users into logging in with their credentials, thus revealing their login details to scammers.
Manitoba RCMP recently tweeted, “Don’t login to any account pages unless you navigated there directly. #rcmpmb aware of scam email being sent with false Amazon order information, where recipients are directed to fake login page that would provide scammers with login & possible credit info.”
Below are images shared from Manitoba RCMP, which look like a legitimate email from Amazon:
If users click on the link in the email, they are directed to a fake URL to login with their credentials. Users should always observe which URL is showing in their web browser before logging into any website:
For newer Internet users, phishing attempts may easily fool those unaware of checking browser URLs before logging in.
The owner of the phishing domain has left their WHOIS information public, which currently lists an address in Teterboro, New Jersey.
The browser extension for a password manager such as 1Password will always warn you if the site you’re trying to fill credentials with is not secure or not the matching domain.