A cow-orker received an email purporting to be from Amazon. Here are some of the data points included:
Order Confirmation, Order #170-2506927-9509503
Your estimated delivery date is Thursday, May 30, 2013
Placed on Wensday [sic], May 29, 2013
Your order was sent to Sophia Turner (not her name), 1433 Columbia Drive, San Paolo, SC 06104-5139
(Item ordered): Sanyo I554R6080 55-inch 1080p 400 Hz LED Slim 3D HDTV (Silber [sic]), sold by MODIA, $1051.83
Order Total: $1051.83
Other than the misspelling of Wednesday and Silver, it has all the Amazon logos and typical order confirmation layout. However, all of the links go to a (different) page at frontsighttacticalanddefense.com, which, if legitimate, is an arms-sale site.
My cow-orker says she did not order this item, and for a thousand dollars, would certainly remember it if she did. The name Sophia Turner is not hers.
A google search on all key phrases in this email, including the Sanyo model number, the ZIP (which is for CT, not SC) turns up nothing, so numbers and names are probably randomly generated.
I can only guess that the sender hoped she would click on one of the links, like “my account,” and be sent to a malware site. Is this the most likely interpretation, or is there a better one?