Phishing Attack "Important" Fake Amazon Notification (July 17, 2013)

Reports of a phishing attack masquerading as an Amazon notice have begun circulating just prior to lunch. The notice claims the recipient's account was accessed from an unauthorized computer. A link is provided to confirm ownership of the account. The text of the link appears to redirect to Amazon; however, if you mouse over the link, you'll see that the destination is in no way associated with Amazon (see screenshot below):

 

 

For those who click through the link, a cloned Amazon page is presented:

 

After credentials are provided, the page redirects you to the real Amazon page, where you have to log in once again. While your Amazon account is not directly linked to your NetID, due to Amazon Student accounts, it is likely that someone would use their Duke email account and potentially the same password. The ITSO recommends not re-using passwords for accounts. If you or someone you know provided account credentials for this scam, please contact the OIT Service Desk immediately. We encourage you to change both your Amazon account password as well as your NetID password.

 

OIT Service Desk
919.684.2200