Management / UK Amazon customers targeted in phishing attack
UK Amazon customers targeted in phishing attack
13 November 2015 |
Customers of online retail heavyweight Amazon have received phishing emails purporting to inform them of a data breach.
On Thursday morning a selection of Amazon customers reportedly received emails telling them that the company had suffered a data breach and they needed to verify their accounts.
The email claims that the breach resulted in the “data theft” of 2,592 Amazon accounts.
The alleged breach has since been brought to the attention of IT security firm F-Secure, which saw a spate of similar emails in September and has said that this particular phishing attempt appears to be “UK-centric”.
Researchers believe it was an attempt to trick users into disclosing their passwords.
This is the second attack on Amazon revealed this week, with discoveries that a new Trojan has been pre-installed on certain Android tablets being sold through the retailer as well as other online stores.
The Trojan, named Cloudsota, is capable of silently installing adware or malware on devices while simultaneously uninstalling anti-virus applications without the user noticing.
Cloudsota can also gain root permission on devices and automatically open installed applications, change browser homepages, redirect searches to advertising pages and replace boot animation and wallpapers with ads.
More than 30 tablets have been preloaded with the Trojan, according to researchers at Cheetah Mobile Security Lab, and more than 17,000 have been delivered to customers in 153 countries.
Researchers said that since many tablets are not protected by anti-virus, Cloudsota’s reach could actually be much larger than their analysis reveals.
Cheetah Mobile said it has asked Amazon to report users selling infected devices and notified companies where products were found to contain the pre-installed Trojan.
“Most people have no idea about Cloudsota’s potential risks, [but] it is a ticking time bomb threatening your privacy and property,” Cheetah Mobile said.
Photo © Silus Grok (CC BY-SA 2.0). Cropped.