The Amazon Data Breach just prior to Black Friday sales sees the company refusing to comment. No one, apart from Amazon knows the who, what, when, where and why of the Amazon Data Breach. Sorry, that is not good enough!
Amazon Data breach customers got a cryptic email:
We’re contacting you to let you know that our website inadvertently disclosed your name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.
Sincerely, Customer Service
We can deduce that by not having to change your password that it was only information that spammers can use – a list of Amazon customers and email addresses, no less.
We also know that it must have been prevalent in countries without mandatory data breach legislation.
The Guardian reported that “Amazon refuse to give any more details on how many people were affected or where they are based.”
GadgetGuy says that the world’s second largest company needs to be transparent and this behaviour is both suspicious and offensive.
NordVPN had some advice for Amazon Data Breach users – change your password NOW. It also said beware of phishing, especially for ‘post-sales’ offers that are too good to be true.
Phishing victims usually receive emails that look like messages from legitimate online vendors, such as Amazon. Such emails ask to click on a link, which may, in turn, ask to submit the user’s personal information.
Ruby Gonzalez, Communications Director at NordVPN said
“Unsuspecting shoppers may believe they are on their vendor’s website, while they are actually on a fake site designed to extract their personal information”
“Even though hackers are getting more and more sophisticated, it’s still possible to recognize that you are visiting a fake site. Be especially cautious if you have clicked on a link or button received through an email – a well-designed phishing email may feature the logo and the general look of your favourite brand. It may even lead you to a site that looks like the real one.”
The truth is, if a person is untrained in cybersecurity, a phishing email can easily lead them to share sensitive information willingly and expose themselves to hackers. NordVPNoffers easy online security tips to avoid phishing attacks and stay safe online.
Tips for spotting a phishing email:
1. Check the sender’s address. Don’t just trust the display name – pay attention to the email address. If the domain looks suspicious, (e.g., firstname.lastname@example.org), don’t open the email.
2. Look for spelling and grammar mistakes. Serious companies don’t usually send out emails with bad grammar and basic spelling mistakes.
3. Take a look at the greeting. Your bank or another legitimate institution would often address you with your full name. If you seea vague “Dear user” instead, remain vigilant.
4. Don’t click on links– instead, hover your mouse on the button to see the destination link. Check if it looks legitimate and, especially, if it contains the “https” part to indicate a secure connection.
5. When in doubt, contact your bank or other institution over the phone or alternative email address and ask to confirm if the email is legitimate.