There has been a recent phishing attack on Amazon.com. On January 11, 2017 Maria Varmazis with Naked Security by Sophos released a statement regarding the phishing attacks on Amazon. This phishing attack has replicated Amazon’s advertisements as well as their payment site. The scammer has been identified as Sc-Elegance.
The method that the hackers used was phishing.
From my readings I believe this was a very sophisticated attack.
The first recommendation that I would make to my leadership company if this attack happened on my watch is to ensure that the company is using a spam filter for detection. I would also recommend researching the spam filter to find out their ratings and how trustworthy they are. I would also recommend utilizing a secure web filter as well as encrypting all sensitive data (company and customers data). Ensuring the company is using an anti-virus is another recommendation. This anti-virus needs to be an exceptional product (as exceptional as the company’s budget will allow) and ran on a consistent schedule.
I would take the following steps to protect my personal data:
- Change my password often.
- Use caution when storing personal information on various websites.
- Do not store credit card or bank information on websites.
- When receiving telephone calls, emails, instant messages, etc. call the company to verify what’s being stated to you before moving forward.