How many Amazon notifications do you get? (If you're like some, it's a lot.) That means it's a perfect opportunity for hackers to try and exploit it to get some information. In fact, according to our research, Amazon is the third-most impersonated brand in phishing attacks.
In this phishing email, the end-user sees an order notification for a MacBook. It's a pretty convincing duplicate of a legit Amazon confirmation message:
Notice a few things. One, there are no links, just a phone number. That's what the hackers want you to do. You get a message that seems unusual and you want to rectify it. Give them a call and see what can be worked out. (Hint: It's not going to be helpful.)
Further, you'll notice the email does not come from an Amazon address:
These sort of impersonation attacks are tricky to stop, especially when there are no links for the static solution to check again. And remember, don't pick up that phone.