New Amazon Prime fake email

Fake Amazon Prime email abuses LinkedIn’s URL shortener

Posted:  by 

Click here for the entire story.

Over the last few days, scammers have been sending out phishing mails that disguise bogus URLs with something called Slinks—shortened Linkedin URLs.

The shortened URLs redirect users to a different URL when they are clicked. If you’ve ever seen a Tiny URL, or a link, you’ll already be familiar with how these work. Shortened links are a common tool in the phishing armory because they obscure the final destination of their links, and because familiar shortening services may be seen as more trustworthy.

As you would expect, a LinkedIn shortened link is going to carry a certain amount of trust for someone on the receiving end. Now they’re being used in a scam based on Amazon’s popular Prime membership.

Fake Prime email

The email claims to have been sent from “Prime” and has the subject “New Membership Statement: Renewal P‎‎rime Membership statement was ended – Your renewal scheduled on February 21, 2023.” The text reads:

Due to a problem with your card, we were unable to charge your account $12.99 and applicable taxes for the next 1 month of Amazon Prime. 
Your membership benefits are currently on hold. If you do not update your card information in the next 24 hours, your membership benefits will be cancelled. To continue enjoy your
membership benefits, please update your payment information.
We are sorry for any inconvenience this may have caused.
Prime Team

The email includes an Update Now button. Hovering over it reveals the Slink URL, and hitting it redirects you to a site resembling an Amazon login page.

Some folks may wonder why an Amazon email contains LinkedIn links, but many won’t. Some won’t notice, and some will assume it’s OK, because they’ve been trained that way. Email newsletters and promotions often use shorteners and tracking links. As a result, odd-looking URLs won’t necessarily alarm recipients as being unusual.

Fake Amazon login

The phishing site asks for an email or phone number tied to an Amazon account.

Amazon phish

Next, the site directs you to a tailored password page, using the information you just entered. For example, entering a Gmail address leads to a page asking for the Gmail password. Enter a Microsoft address, and you’ll be directed to a Microsoft-centric password request page, and so on.

For the rest of the article Click here .