I’m puzzling over an email I received this morning from Amazon’s customer service. The email is…well, strange.
It purports to be from someone in the “Amazon Billing Escalation Department” who investigated charges made to my account. The amount of the charges do not match the amount of any order I’ve placed in the last six months, nor did I have an open inquiry into any order. The email does not provide an order or reference number. It states, in part:
So, I haven’t had a MasterCard associated with my Amazon account in nearly four years. The message is oddly informal in places and implies a relationship with someone that I don’t have. The email screams “phishing attempt” to me, except for the following:
[ul]
[li]The email is addressed to my real first name[/li][li]All of the links in the email actually point back to Amazon[/li][li]By coincidence (?), I chatted with Amazon’s customer service last night about a refund issue with one of my orders[/li][/ul]So is this somehow the world’s most clever phishing attempt? Or is it a legitimate email that perhaps got sent to the wrong person due to some sort of customer database cross-up?
Hah…timing is everything. I just got a follow-up email apologizing for the first email sent in error. The intent was, indeed, to write to me about the refund chat I had last night, and this new email included detail proving that, including the order number and the correct credit card charge.
Only 14 minutes between the first and second emails, too. Not bad.
I work in the cybersecurity business, but i have not seen your -email, so this is all a best guess:
[ul]
[li]The email is addressed to my real first name - Super easy to do, a very common spoofing technique[/li][li]All of the links in the email actually point back to Amazon - how can you be 100% sure? I’ll bet at least one points to something that looks remarkably like Amazon, but is actually not. Sometimes it takes trained cybersecurity analysts to spot the faked webpages. Also know that the bad guys will frequently have some links that are 100% valid. That builds your confidence up that it is a legit communication.[/li][li]By coincidence (?), I chatted with Amazon’s customer service last night about a refund issue with one of my orders - May be a coincidence, which makes this a phishing e-mail. Or it could be that after your conversation last night Amazon likely sent you an e-mail confirming whatever action you asked them about? If that happened, and then you got this e-mail, I would suspect your e-mail account is compromised.[/li][/ul]
EDIT - Well, ninja’d by the OP with an answer. Still I’ll leave my post, the cautions are 100% still correct, and may help someone else.
Just to respond to the question of how I knew about the links, I was looking at the email on my phone. As I generally do when I’m concerned about a phishing attempt, I copied the URL (it’s an Android, so I just long-hold on the link until it gives me an option to Copy URL) and then paste it into a clean document so I can review the entire URL. In this case, I could see that none of the links pointed to anywhere other than Amazon (and not amazon dot com dot wescamyou dot ru or anything like that). Further, nothing in the email was actually asking me to login to my account, so it would have been fairly subtle phishing in that regard.
I can relate to this. I’ve worked shifts when I was responsible for email, live chat, and phone calls. It’s easy enough to have multiple accounts open and mix up two different customers. You’d be working on email questions and then a phone call or chat would interrupt you. It’s easy enough to mix up Joe Jones’ situation with Mary Smith and send a confusing email like you received.
I believe there actually is. I am not sure of their function but Amazon has a department for darn near anything.
Odd e-mails are not unusual for them; even real ones like in this case. A lot of the software that is used at the CS-associate level is basically click a box and something is generated. Click the wrong box and something wrong is generated. There are, I believe, automatic checks and all so errors get caught but not at the speed that they are made.
I got an e-mail last week thanking me for joining the rank-and-file at Da Jungle and noting the pay and benefits. Two problems with this:
I have worked there for almost three years
It quoted a figure a bit higher than I’m paid.
These e-mails were supposed to go to the new people at a center just starting in another city. Someone hit the box for e-mailing our center. Because it involves employees (who they really don’t worry about much) and not customers (who they do worry about somewhat) no correction was sent. Which lead to some grumbling by many of my coworkers. Me? I just smiled and saved it in the file with the other 147 errors they have made concerning my employment with them.
