Warning: Your Amazon Account is On Hold, Phishing Email Alert
- 623
- 11
-
- Last Comment
Today, I received a phishing email claiming my Amazon account was suspended. I almost fell for it, but thankfully, NextDNS blocked the external link included in the email when I clicked it.
The scammers used my correct Amazon email address and changed the sender name to serviceatamazondotcom, making the email appear genuine at first glance inside your inbox. They even replicated Amazon's font, colors, and overall design to enhance the email's appearance of authenticity.
I want to caution everyone: if you receive a similar email, be very careful and verify its legitimacy before taking any action.
- Sort By
Hi,
After your message, I analyzed the email headers:
From: s󠄂e󠄂r󠄂v󠄂i󠄂c󠄂e󠄂 @󠄂 a󠄂m󠄂a󠄂z󠄂o󠄂n󠄂 . c󠄂o󠄂m <[email protected]>
ARC-Authentication-Results i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=e.your90s.com; dmarc=pass action=none header.from=e.your90s.com; dkim=pass header.d=e.your90s.com; arc=none
In the FROM email part, where I have put XXXX, they have used unique alphanumeric identifiers, so by just cross referencing that email address they can directly identify the recipient. Unique sender email address for each recipient. So I think, if any of the email recipient replies or clicks the links inside the email, they know who it is and can quickly pull up the personal data of that recipient from their records.
As I extracted and analyzed the email header in detail, I have found out they have also left traces of their own internal yahoo email address, their mailing list group server URL etc in the email header.
I received a sign in check email from amazon for this afternoon. I didn't sign in.
Since it was from amazon, I clicked the link in the email. I was logged out my account in the app.
I went to the app and reset the password. For some reason IT involved multiple otps again and again.
Then went back to reset password page. So I reset the password once again.
Maybe amazon is glitching?
The take action button links inside the spam email I received was pointing to this URL and pages inside it. Hence it was blocked by NextDNS, OISD filter.
Did you check if the link in your email take you to the correct amazon website or somewhere else ?
Amazon's account security is a bigger mess. Any sane person who understands tech should know about their lame 2FA policy which is totally useless.
just call and send whatever 300 words essay they need
![Instamart: Get Flat ₹50 Off on orders above ₹399 [USER SPECIFIC]](https://cdn0.desidime.com/topics/photos/1883335/medium/ymXDmYihTOzgPDddKSvZRKzXkboAapBF2yoFIeQBaWSAJmC9IUpSPKgvfaAgS5yFxQ_w240-h480.?1732370463)
![[Upcoming] Get Flat 20 rs Cashback after Sucessful bill Payment and recharge of min rs 100(11:00 a.m to 7:00p.m.) (25th-26th Nov)](https://cdn1.desidime.com/topics/photos/1883473/medium/bajaj-pay-16.?1732423817)
Please share the expanded screenshot of sender email etc & verified by details.
From:
To: hide your email
Mailed by:
Signed by: