The holidays mean fun with family, delicious seasonal foods, and of course, lots of shopping. With crowds taking over the malls and shopping centers, many of us (myself certainly included) opt to shop online instead of braving the fray. People also tend to let their guard down during the holiday season – nothing bad could happen during the most wonderful time of the year, right?
Online scammers wait for just these types of opportunities to use scams and fraudulent emails to take advantage of unsuspecting shoppers. This year is no different, and there’s been news of a new Amazon email scam that is infecting computers with malware. Here’s the lowdown on the scam, how to spot it, and what to do to avoid it.
What It Is
This year’s scam basically consists of fake order confirmation emails from Amazon. Because Amazon is so immensely popular, scammers have previously used fake Amazon emails to lure users into opening infected files on their computers. According to Abigail Wang from PCMag.com, these phony emails contain an attachment with instructions to open it and view the order details. When unsuspecting users open the attachment, malware gets installed on their computers.
Malware consists of programs that are designed to install themselves on your computer and infect all of its processes. They can steal autocomplete passwords, record your keystrokes, and even gather your personal information like your credit card or social security number.
How To Spot It
Luckily, it’s not too hard to spot these fake Amazon emails. Hyphenet.com bloggers say that there are four clear signs that will tell you if you’ve received a “bait” email. First, the sender will be Amazon.com (not “auto-confirm@Amazon.com” like the real order confirmations), and the subject like will be something like “Your Amazon.com order confirmation.” Real confirmation emails do not start with “Your.” Next, if you look at the billing address, item, and price, Hyphenet writers say they will “appear to be randomly generated.”
Finally, the most obvious sign that you’ve received a fake order confirmation email is that all of the embedded links in the email will lead to third-party sites, not Amazon.com. To find out where the embedded links in your email go, you can either click on them, or to stay safe, you can just hover over them and look at the bottom of your browser, where the URL of the link will appear.
What To Do
First, don’t open the attachment of the suspicious email! Once you’ve determined that the email is a fake, report it to Amazon.com, then delete it. It also helps if you keep track of everything you’ve ordered online. The holiday season can get hectic, but it’s a good idea to at least jot down a list of each item you’ve ordered online and from where. That way you’ll know if you’re expecting an order confirmation email. Then if you get a confirmation email that you can’t find on your list, you’ll know right away that it’s phony.
It’s also a good idea to keep antivirus and internet security software running on your computer at all times, especially if you do a lot of online shopping. Kaspersky, Norton, and Panda Security are all good choices for software to protect your computer. Lucky for you, right now is a great time of year to buy software, because many of these companies are giving holiday deals and promotions on their products. Software like this can often keep you from even receiving suspicious emails, and if you do, they’ll protect your computer from malware and infected files. Remember, better safe than sorry!