Your company is participating in a Cyber Security Education Program.


This Amazon Phishing Attack included the following social engineering techniques:


  1. Topical subject, Amazon, to be consistent with current emails as most people have purchased from Amazon.
  2. Amazon logo to appear legitimate.
  3. Links masked with amazon.<some primary domain> to appear correct.


How to spot this was a phishing email:


  1. Was this an email you expected to receive? No - Be cautious
  2. The sender named email address was suspicious (not from the correct address): example - auto-confirm@web-contest.host or amazon@web-contest.host
  3. The link provided (if checked/mouse hover) was directing to http://amazon.<some primary domain>/...


Note: Amazon.ca website is amazon.ca (primary domain)


“An employee is either an asset to your cyber security or a risk.”