WARNINGS have been issued by global media about a 'phishing' scam affecting Amazon customers in an attempt to hack their credit card and bank details.
Amazon Spain has flagged up this latest cyber-fraud and released a series of recommendations on its site.
Customers have reported receiving emails after purchasing, typically with a subject heading claiming: “Your order cannot be shipped.”
Once opened, the email – which appears very authentic – asks the reader to click on a link to resolve the delivery problem.
The link takes the customer to a page which looks exactly like Amazon's site and which asks the customer to confirm his or her name, address and credit or debit card details.
Amazon.es urges customers not to click on links or open attachments in any email purporting to be from the online store, and if it is too late, to visit the page on the Amazon site titled Proteger tu sistema ('Protect your account').
“Fraudulent emails which are not from Amazon usually contain a confirmation of an order you have not purchased, or data attached relating to confirmation of an order,” the site says.
They may also contain 'questions about your username, password or any other type of personal information' which may include DNI for Spanish nationals or NIE for foreign residents, card or bank account number, PIN codes or card security codes, name and surname or other information that may identify the customer, such as town or city of birth.
Some mails may contain 'requests to update your payment method information' via 'a website that does not belong to Amazon', according to the company.
Genuine Amazon emails include instructions on how to verify your data and will tell you to enter the site in a different tab.
“Click on Gestionar métodos de pago ('Manage payment methods') in Mi cuenta ('Your account'),” Amazon.es warns.
“If there is no warning message on this page asking you to update your payment methods, then the email you have received is not from Amazon.
“Links in genuine Amazon emails will only ever start with https://www.amazon.es/xxxx, and legitimate website addresses carry a dot before 'amazon.es', with no other characters, such as hyphens, and Amazon never uses IP addresses or domains such as 'http://123.456.789.123/amazon', which are often found in bogus emails.”
Legitimate messages from the company will never include attachments to open or downloads to install, spelling or grammar mistakes, and will never come from an address other than amazon.com, amazon.es, amazon.co.uk, or domains from other countries where the firm has a presence such as Italy (.it), Brazil (.com.br), Australia (.com.au), Germany (.de), Canada (.ca), China (.cn), France (.fr), India (.in), Japan (.co.jp), México (.com.mx), The Netherlands (.nl), or Turkey (.com.tr), but only the branch from which the customer has ordered – you will not receive an amazon.com email in relation to an order from amazon.co.uk, for example.
In the event of any uncertainty, enter your Amazon site via a separate tab and log in, ignoring any links in the email received.
Where customers know, or suspect, they have received a 'phishing' attempt, they should forward it in full to stop-spoofing@amazon.com.
With 'Black Friday' just eight days away and Christmas shopping fever about to break out, most expatriates in Spain who will not be travelling back to their country of origin for the festive season will probably be using Amazon to send gifts to friends and family, and should be extra-vigilant about possible scams at these times of high website traffic.
TWO of Spain's largest high-street banks are reported to be in merger talks, potentially resulting in the joint entity being the second-biggest in the country in terms of share capital.
THE average Spanish resident will spend between €500 and €1,500 on their holidays this year, with three in 10 set to increase their budget from last year and 16% reducing it.
SPAIN'S State post office has launched a new solution for passing travellers who do not want to lug their suitcases around: Lockers for bags are now provided, with prices depending upon weight.
