We can not predict when, where and how these scammers will find new ways to exploit people. One of such scams is the Fake Shipment Scam. Fake Shipment Scams are so cleverly designed and executed that one might not even be able to understand that they are being scammed until they are looted!
Fake Shipment Scammers send a fake message to random people in order to make them click on some malicious link wherein they will extract all of your credentials to use them for personal benefits!
How does the Fake shipment Scam work?
You get a message / an email
All of a sudden while using your device you get a notification or an email like this:
This email declares that the product which you have ordered was cancelled due to some reason. You will need to login to Amazon and give this need to address the issue. This message here has made you suspicious and worried at the same time. The scam has already started!
You react to the email
Now considering the scenario there will be two conditions which will arise when you read such a message or email.
- What was the reason your order was cancelled if you had ordered something?
- You didn’t order anything! Still why are you getting these messages?
If you have ordered something and you get such a message of course you would lose your cool and try to see what went wrong. On the other hand this message will immediately alert you that you did not buy anything still why are you getting these messages. You may be worried that your account was compromised and someone is ordering stuff from your account.
You then decide to click on the link to see what is the actual matter…
You visit the mock up site
Once you click the link the actual scam begins and you will see something like this:
This is not the original amazon website as you can see the domain ends with .org and amazon never uses .org extension. This is the only fishy thing you need to notice but you don’t look at the domain which you are visiting.
The scam is so cleverly designed that the scammer has already made you worried when you visit the site. When humans are tensed or worried they usually tend to take quick actions which are mostly wrong! So you enter your registered email and your password…
You have lost your Credentials
The only reason the website was designed in such similar looking fashion; almost original, was only to extract your email and password. In this case the scammer only had to send a message; rest of the work was done by you, yes you!
At this point of time the scammer already has your credentials and can use them in whatever ways he wants to. Usually many scammers are not that interested in your account but they can sell these credentials in exchange of money. Yes there are people who sell login credentials of people for money!
The Worst Case Scenario
If you are a victim of such a scam you have already given your login credentials to the scammer willingly. But if by chance you have any money in your amazon pay balance or you have saved your credit card details on amazon, you are going to lose money!
The scammer will then proceed to buy something from your account and your money. Why stop if you are getting free stuff isn’t it? When a purchase is made from your account amazon sends you an email or message regarding the order. The scammers are so clever that they send you hundreds of spam emails and messages in the same time span. So that you will probably overlook the email and the message sent.
This is how your one overlooked click and ignorance caused you losing your credentials and your hard earned money!
How to be safe from such scams and what to do in this case?
- Even if you get such messages or emails saying that your order was cancelled do not click on the link in the message! Yes, even if it was a genuine message it takes hardly two clicks to personally open amazon.com and login there. This simple step can completely avoid the scam!
- Even if you reach the website after clicking the link provided in the message, always check the domain where you are. You will immediately notice that the domain is not at all legit.
- Always use the legit amazon website or their mobile app to do any actions regarding your account.
- If you realize that you entered your credentials on a fake website, without any delay immediately change your password for the account.
- You can also turn on two step verification wherein anyone who has your password will need to enter the verification code sent to you if he wants to login to your account.
- If someone has already ordered something from your account you can cancel it personally and inform amazon about the situation and ask them to refund the amount. They will surely help you out
Hope this helped you and made you aware of this scam share it with your friends and family to make them aware too!
Stay Safe Digitally!