Jump to content

Recommended Posts

Posted

Received an email today from Amazon "security-update" saying they found a list of hacked emails and passwords out in the internet wild, and changed my password to protect me.  Can't remember opening an Amazon account, but may have at some point and forgot about it/never used it.

 

I Googled around and found this is already "out there", suggesting this might be a renewed phishing attempt based on the old Amazon story line?  There were also articles suggesting Amazon did change some client passwords preemptively earlier this year.  I suppose both could be true at the same time.

 

Posting as an FYI mental "bump" if anyone gets similar email.  The Consumer Affairs article from March of this year, while it ends inconclusively, describes the email I got today.  

 

https://www.consumeraffairs.com/news/alleged-amazon-phishing-scam-is-scarily-sophisticated-031016.html

 

Email I got today below with a link to Amazon dot com in the salutation:

--------------------

Hello,

At Amazon we take your security and privacy very seriously. As part of our routine monitoring, we discovered a list of email addresses and passwords posted online. While the list was not Amazon-related, we know that many customers reuse their passwords on multiple websites. Since we believe your email addresses and passwords were on the list, we have assigned a temporary password to your Amazon.com account out of an abundance of caution.

You will need to reset your password when you return to the Amazon.com site. To reset your password, click "Your Account" at the top of any page on Amazon.com. On the Sign In page, click the "Forgot your password?" link to reach the Amazon.com Password Assistance page. After you enter your email or mobile phone number, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided.

Your new password will be effective immediately. We recommend that you choose a password that you have never used with any website.

You can also enable Amazon's Two-Step Verification, a feature that adds an extra layer of security to your account. In addition to entering your password, Two-Step Verification requires you to enter a unique security code during sign in. To learn more about Two-Step Verification, go to Amazon.com Help, go to Managing Your Account, and click More in Managing Your Account, and then click More under Account  Settings.

Sincerely,

Amazon.com
http://www.amazon.com

This e-mail was sent from an address that cannot accept incoming e-mail. To contact us, please visit the Help section of our website.
 

 

 

Posted

It could be phishing, but they do tell you to go to the Amazon page to reset your password.

You can type that in directly, just don't click any links in the email.

 

 

 

 

Posted (edited)

Does NOT look like a pishing email.

There is plausible description/announcement what will happen (what you will have to do) when you open the amazon website.

It's a good idea from amazon to reset you password after having found your email address (and associated password) on list from another source that has been hacked.

 

To add some trust, open:

https://www.amazon.com/

 

And then click the icon left of the URL to verify the security certificate (how to depends on browser, icon usually "green"/"locked").

Checking this makes sure you are connected to the authentic amazon website.

 

Then try to logon with your known name and password.

This should result in an error message.

In this case follow the instructions from the email.

 

I don't have a browser in English (except Edge where it is stupid/silly).

So does it look in Firefox, in English it should read something like "Secure connection").

 

cert.jpg

Edited by KhunBENQ
Posted

Let's just hope that your email account has not been hacked (like in the yahoo case).

Make sure that your email is safe and probably also change the email password.

 

Posted

To me, this is very clearly a phishing attempt. The language and prose style used is NOT what would be expected from a major online retailer.

I suspect that hovering the mouse over the amazon dot com link in the email will reveal the truth.

Posted

The comments in the link in the OP indicate that several (obviously security aware) people went directly to the Amazon website without going through the links in the email, and discovered that their passwords had in fact been reset.

Either way, if you do the same, you're mitigating the risks of it being a phishing message.

Posted (edited)
3 hours ago, JaiMaai said:

To me, this is very clearly a phishing attempt. The language and prose style used is NOT what would be expected from a major online retailer.

I suspect that hovering the mouse over the amazon dot com link in the email will reveal the truth.

As described in #4:

 

  • open the Amazon site from your bookmarks or manually
  • check the authenticity of the site
  • try to logon with your know account data

 

You will then learn whether something has to be done.

There are endless reports that the password reset has taken place for certain accounts.

Likely as a reaction to the huge yahoo leak/hack recently detected.

 

I still bet this is NOT a pishing mail.

It does not have the usual characteristics of such a mail.

Looking forward to hear from the OP.

 

The report linked in the OP is somewhat strange.

Dated "03/10/2016", guess 3 October?

Speculating but no proof that it was a p.m.

Now 22 October and follow up?

How does that sound to you?

 

Quote

I have forwarded the email to Amazon's real security department, at [email protected] and asked that it confirm the email is not from Amazon. If it turns out to be real, I'll be both surprised and embarrassed.

Feeling embarrassed?

Edited by KhunBENQ
Posted
4 hours ago, KhunBENQ said:

Feeling embarrassed?


Why should he be? I'd rather people erred on the side of caution than unwittingly made themselves part of a botnet or something.

 

And at first glance I would have deleted that email.

Posted (edited)

Such emails are sent from Amazon since at least 2011.

Link in the emails lead to authentic Amazon site.

Do some search.

http://the-digital-reader.com/2016/03/14/amazon-now-resetting/

 

I would NOT report such alarms before receiving feedback from the supposed sender.

Hoaxes are about as bad as the real stuff.

 

8 hours ago, JaiMaai said:

 

To me, this is very clearly a phishing attempt. The language and prose style used is NOT what would be expected from a major online retailer.

 

It absolutely IS.

 

Have you ever studied a real pishing mail?

 

Edited by KhunBENQ
Posted (edited)
1 hour ago, KhunBENQ said:

Such emails are sent from Amazon since at least 2011.

Link in the emails lead to authentic Amazon site.

Do some search.

http://the-digital-reader.com/2016/03/14/amazon-now-resetting/

 

I would NOT report such alarms before receiving feedback from the supposed sender.

Hoaxes are about as bad as the real stuff.

 

It absolutely IS.

 

Have you ever studied a real pishing mail?

 

 

Yes. I do it for a living.

The simple fact that it wasn't addressed personally would have led me straight to the Delete button.

 

 

Edited by Chicog
Posted
9 hours ago, Chicog said:

 

Yes. I do it for a living.

The simple fact that it wasn't addressed personally would have led me straight to the Delete button.

 

I was thinking of you when I posted this, as you stand out in my mind (among a couple others) as well versed in this kind of thing. 

 

On the email I rcvd, I did hover mouse over the amazon dot com link in the salutation/signature line, and the small pop up window appeared showing www dot amazon dot com.  Even though it looks good, if clicked, could it still be redirected to a 'fake' website?  Is that what's called "spoofing"?

Posted
4 hours ago, 55Jay said:

I was thinking of you when I posted this, as you stand out in my mind (among a couple others) as well versed in this kind of thing. 

 

On the email I rcvd, I did hover mouse over the amazon dot com link in the salutation/signature line, and the small pop up window appeared showing www dot amazon dot com.  Even though it looks good, if clicked, could it still be redirected to a 'fake' website?  Is that what's called "spoofing"?

 

Yes, spoofing usually involves using a different address to the one displayed.

The same applies to links in the email, which can be revealed by hovering over them.

But the general rule is that, if you ever receive emails like this, just don't click the link in the email to be sure; go and type in the actual address so you know you are going where you are supposed to.

Looking at the comments in the OP, that's what most people did and many of them did in fact find their password reset.

However, scammers would very likely try and duplicate this email verbatim, with the links changed to point to their copy of the website, or a malware downloader.

 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...