2 Remove Virus

What is the “Amazon – Your Account Has Been Locked” phishing email

“Amazon – Your Account Has Been Locked” email is part of a phishing email campaign that tries to phish users’ Amazon login credentials. The email claims that users’ Amazon accounts have been suspended and that they can unfreeze their accounts by clicking on the link in the email. The link will lead users to a phishing website.

 

 

The “Amazon – Your Account Has Been Locked” email is a low-effort phishing attempt that tries to trick users into clicking on the provided link. The email claims that users’ accounts have been locked due to suspicious activity, including several unusual transactions. To unfreeze their accounts, users are requested to verify them by clicking on the “Verify Your Account” button.

If users click on it, they will be taken to a site that closely imitates Amazon. Just like the legitimate Amazon account login page, this site first asks for users’ email or phone number, and then it will request a password. If users type in their credentials, they will immediately be sent to the malicious actors operating this phishing campaign.

As seen in the above image, the site very closely resembles Amazon’s login page. However, the site’s URL very obviously does not belong to Amazon. The URL is usually the biggest giveaway.

The full contents of the “Amazon – Your Account Has Been Locked” phishing email are below:

Subject: YOUR ACCOUNT HAS BEEN LOCKED

amazon

Dear Client,

YOUR ACCOUNT HAS BEEN LOCKED

Due to suspicious activity including several unusual transactions on your Amazon Acount your Acount is suspended until further notice.

To unfreeze your account, please verify your account information IMMEDIATELY to confirm your identity.

Verify Your Account

How to identify a phishing attempt

The majority of phishing emails that target regular users are low-effort, which means they are easy to recognize.

The first thing users should check when they receive an unsolicited email that asks them to perform some action (e.g. click on a link or open an attachment) is the sender’s email address. A lot of phishing emails are sent from random-looking email addresses, and it’s immediately obvious the emails are either malicious or spam. Random-looking email addresses made up of random letters and numbers look very unprofessional and companies do not use them. More sophisticated malicious emails will be sent from legitimate-looking email addresses, so it’s important to carefully inspect them. Users can use a search engine to look into whether the email address belongs to whomever the sender claims to be.

Another thing to check is how an email addresses the recipient. When companies send their customers emails, they generally address them by name or rather by the name users have given them. This makes the emails more personal. However, malicious emails always address users with generic phrases like Dear Customer, User, Member, etc. Many users are targeted with the same emails and malicious actors often do not have access to personal information, so they use generic words instead of users’ names. This particular “Amazon – Your Account Has Been Locked” addresses the recipients as “Clients”, which is an immediate giveaway that it’s not a legitimate email from Amazon.

Malicious and phishing emails frequently have spelling and grammar errors as well. Malicious actors often speak poor English, so mistakes are very obvious. This email has several mistakes in it, which you certainly would not see in a legitimate email from Amazon.

If an email contains a link, users should inspect it carefully before clicking on it. If users hover over the link with their mouse, the URL will appear at the bottom. If the URL looks suspicious in any way, users should not click on it. In general, it’s better to not click on email links at all. If users receive an email that asks them to click on a link to fix their account, for example, they should instead manually log in to the account.

Finally, while some phishing websites are very well-made and look more or less identical to the sites they’re imitating, the URL will always give it away. Before logging in anywhere, users should always check the site’s URL. Users should also keep in mind that malicious actors use various tactics to make the URLs look more legitimate. For instance, the “r” and “n” letters combined together (“rn”) can first be mistaken for the letter “m”.

“Amazon – Your Account Has Been Locked” phishing email removal

If you receive this or a similar phishing email, you can just delete it from your inbox. As long as you do not interact with these emails, they are harmless. However, if you have clicked on the link and typed in your Amazon login credentials, you need to change your password immediately if you can still access your account. If the account is no longer accessible, cancel any payment cards connected to the account. You can also try contacting Amazon’s customer service to see whether it’s possible to recover your account.

Site Disclaimer

2-remove-virus.com is not sponsored, owned, affiliated, or linked to malware developers or distributors that are referenced in this article. The article does not promote or endorse any type of malware. We aim at providing useful information that will help computer users to detect and eliminate the unwanted malicious programs from their computers. This can be done manually by following the instructions presented in the article or automatically by implementing the suggested anti-malware tools.

The article is only meant to be used for educational purposes. If you follow the instructions given in the article, you agree to be contracted by the disclaimer. We do not guarantee that the artcile will present you with a solution that removes the malign threats completely. Malware changes constantly, which is why, in some cases, it may be difficult to clean the computer fully by using only the manual removal instructions.