A sophisticated Amazon phishing kit originating from Bandung, Indonesia, and linked to the “Indonesian Cyber Army” targets customers with fake Prime subscription or security alerts. The attack harvests credentials and financial information by directing users to a high-fidelity replica of the login page. To protect against such scams, consumers should verify alerts directly through the Amazon app or website.
To avoid phishing scams targeting Amazon accounts, always manually enter “amazon.com” in the browser and verify that communications appear in the official “Message Center” within the user’s account dashboard. Crucial defenses include enabling two-step verification, checking the sender’s actual email address for a “@amazon.com” domain, and using a password manager to detect fake, lookalike URLs.