Researchers from McAfee uncovered a new version of the 16Shop phishing kit that targets Amazon account holders with over 200 URLs loading login in order to steal login information.
What is 16Shop?
16Shop is a commercial product that provides protection against unlicensed use and research attempts. It can also adapt the phishing templates to the type of device they load on.
A previous variant of 16Shop phishing kit targeted Apple users via malicious emails and PDF files since November 2018. It redirected users to a page asking for Apple account data, including payment card details.
The big picture
McAfee researchers observed the new variant targeting Amazon users since May 2019. Researchers noted that over 200 Malicious URLs were used by the threat actors to serve this phishing kit.
“The group responsible for 16shop kit continues to develop and evolve the kit to target a larger audience. To protect themselves, users need to be extremely vigilant when receiving unsolicited email and messages,” the researchers wrote.
Key takeaway
In case, if you receive emails regarding account changes on Amazon, it is best to check any account changes in the official Amazon website rather than following the suspicious links.
Publisher