Jump to content


Newest Scam

3 replies to this topic

#1 Jeepers


    Queen Of Digression

  • Users2
  • 9,835 posts
  • Gender:Female
  • Location:Hoosier In Ohio

Posted 06 May 2012 - 10:12 AM

If you get one of these notice if the order number is hyper-linked. If it is, delete.

Amazon.com – Your Cancellation Fraud Email:

In a clever twist, a newer Amazon fraud attempts to hijack your account by pretending to send you an order cancellation email.

The email we’ve been seeing claims to come:

From: ”order-update@amazon.com” <order-update@amazon.com>
Subject: Amazon.com – Your Cancellation (7453-14594-3697370)

Of course the sender From address is spoofed, this is not a legitimate Amazon communication, and the Reference number is randomly generated in order to evade spam filters that might look for identical subject line contents.

The clever part is the email itself:

Dear Customer,

Your order has been successfully canceled. For your reference, here`s a summary of your order:

You just canceled order #5123-646266-10986



Sold by: Amazon.com, LLC


Because you only pay for items when we ship them to you, you won`t be charged for any items that you cancel.

Thank you for visiting Amazon.com!

Earth`s Biggest Selection



In the message above, the words “Order Details” are hyperlinked to any number of various attack sites used to download malicious code and/or to capture personal information, passwords and other financial details.

Given the great numbers of consumers who shop Amazon and it’s affiliate store fronts on a regular basis, who wouldn’t be curious to know what order was recently canceled and why?

From a social engineering standpoint, this Phish is baited quite well.


Don't start nuthin...

Won't be nuthin.

#2 ANewMe


    Ebook Hoarder

  • Users2
  • 1,777 posts
  • Gender:Female
  • Location:Cajun Country
  • Interests:reading, book reviews, blogging, sign language

Posted 06 May 2012 - 12:31 PM




#3 AMarthaByHeart


    Family Member

  • Users2
  • 643 posts
  • Gender:Female
  • Location:Heartland of Texas
  • Interests:Getting back to basics of life, survival, etc.

Posted 06 May 2012 - 01:36 PM

We got it. Thank the Lord our virus protector would not let us open it. I had just ordered something a few days earlier and without thinking, I tried. The protector wouldn't let us. We also got it on other web sites--ex. Catherines. I ran a complete scan after that. :beat_deadhorse:

Thanks for the confirmation, Jeepers.
Trust in the LORD with all your heart and lean not on your own understanding,
in all of your ways acknowledge HIM and HE will make your paths straight.
Proverbs 3:5-6

#4 Cat


    Looking to Him...

  • Administrators
  • 13,030 posts
  • Gender:Female
  • Location:Indiana
  • Interests:Crafts, cooking & baking, parenting... Oh, LOTS of stuff!!

Posted 07 May 2012 - 05:43 AM

Sneaky, aren't they? :tapfoot:

I got this one today...

Dear Customer,

Your order has been successfully canceled. For your reference, here's a summary of your order:

You just canceled order 104-165-15212 placed on May 6, 2012.


It did include an actual "item" name that I supposedly canceled. :shakinghead:

This is why it's so important to have several email accounts for different things. But I'm wondering if Amazon was hacked, because this account *is* the one I use for Amazon.


Where words and actions disagree, the heart is revealed.

Look how often the unexpected happens... and we still don't expect it.

Reply to this topic


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users