Solved

Is an e-mail from Amazon.com a scam attempt or real?

Posted on 2016-07-19
12
101 Views
Last Modified: 2016-08-07
Is an e-mail from Amazon.com a scam attempt or real?

I have an e-mail in my inbox saying it is from Amazon.com, subject: "Your Amazon.co.uk order has dispatched (XXXXX)" (X = numbers and letters).

Is it any danger to open this e-mail? If for real, it could be someone has used my Paypal to order something to himself/herself.
0
Comment
Question by:hermesalpha
  • 3
  • 3
  • 2
  • +2
12 Comments
 
LVL 12

Assisted Solution

by:Benjamin Voglar
Benjamin Voglar earned 120 total points
ID: 41719045
0
 
LVL 12

Assisted Solution

by:Benjamin Voglar
Benjamin Voglar earned 120 total points
ID: 41719049
In our company one of our users got cryptolocker just by opening on of fake amazon links.
0
 
LVL 69

Assisted Solution

by:Qlemo
Qlemo earned 200 total points
ID: 41719060
This can only be determined if you examine the mail header and links provided very carefully (without clicking on the links, of course). Some fake mails are made very, very sophisticated and hence difficult to classify as phishing. It also often helps to web search for the subject text, to get a feeling.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 69

Accepted Solution

by:
Qlemo earned 200 total points
ID: 41719062
Note: As with everything you have an account at, best advice is to open the original web site yourself and manually, login, and get order info etc.
0
 

Author Comment

by:hermesalpha
ID: 41719066
By the way, in relation to this, why do some phishing e-mails so clearly and evidently give themselves out as being fake by intentional spelling mistakes and other irregularities? I sort out most of the fake e-mails just by looking at the syntax and language used. The really difficult ones are the ones that are perfect in all details.
0
 
LVL 69

Assisted Solution

by:Qlemo
Qlemo earned 200 total points
ID: 41719084
That is correct - some fakes are just ragged, but more of those are intentionally misspelled. One theory is that people not looking at such mistakes are the appropriate cliental for phishing - easy meat.
Misspelling is also a way to fool automated detection systems only looking for keywords.   séx will work for your eyes, but not the SPAM detector ;-).
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 150 total points
ID: 41719202
You're in Hong Kong, did you order, or do your orders come from the UK ordinarily? Mispellings are a thing of the past, I'm surprized misspellings lasted as long as they did, how hard is it to copy word for word a legit email? Why do virus's insist on using User-Agen'ts that aren't typical or standard... it's baffeling to me.

The more modern advise for Phishing attacks are:
You shouldn't have to enable anything, or run something to look at it's contents (think office macros)
Urgency or time-sensitivety are very effective phishing techniques, but also a give away.
Email's that you are not expecting or from sources you are not expecting or know.
-rich
0
 
LVL 29

Assisted Solution

by:ScottCha
ScottCha earned 30 total points
ID: 41719272
Simple question...Did you order anything from Amazon?

If you did not, delete the email.

It sounds like you were not expecting this email.
0
 

Author Comment

by:hermesalpha
ID: 41719383
I didn't order anything from Amazon and I checked my Paypal now: nothing had been paid for from there either. So I know it's not a legit e-mail now.

Worse when I received an e-mail from my accountant, which then triggered 15 attempts to break into my Google account during 15 minutes when I clicked on a link it it. Someone had hijacked his identity and then used it to send false e-mails to his customers, among them me.
0
 
LVL 29

Expert Comment

by:ScottCha
ID: 41719396
So you answer your original question...Yes it is dangerous to open that email.  PERMANENTLY delete it.

And that you know your accountant's contact list has been compromised, you need to be EXTRA careful and diligent about the emails you open.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 41719435
So should your accountant. It is more important now more than ever to not reuse passwords. Site's are breached, and passwords are leaked, criminals are trying your passwords on any other sites and using the email address's from the leaks as your user name. This is why, for decades, we, the security industry have been saying not to use common, easy to guess passwords, and to have unique passwords for each service/account you use.
Use 2fa with your email if it supports it, your email address is basically the one service you have to protect most.
-rich
0
 

Author Closing Comment

by:hermesalpha
ID: 41746260
Thanks, I never opened that e-mail of course.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing Antivirus for Corporatre Network 11 57
local DNS vendor. 4 59
Domain admin accounts get locked out 35 57
Malwarebytes keeps blocking this..... 6 35
Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question