For just over a year, all web pages that want to be indexed in the Google search engine must use the https protocol, a security protocol that differs from the traditional http, offers us end-to-end encryption on all data that are sent to the servers where the web page is located.
This move by Google, to increase internet security, added to the fact that all browsers show us a danger message when we visit a website in http format, have forced friends from outside to use other strategies to try to deceive to the most unsuspecting users. Today we talk about the new method they are using to scam via SMS impersonating Amazon.
The scam attempt begins when we receive an SMS, supposedly from Amazon, in which he informs us that we have been the lucky winners of a raffle that Amazon has organized to celebrate its anniversary and invites us to click on a link to get it, an unsecured http link without the s as you can see in the image above.
By clicking on the link, we are shown a web page with the Amazon logo, making use of https, and with a design very different from that offered by the search giant. The text of that link informs us that weekly they select 10 Amazon customers to thank you for the trust you place in your products and services and inviting us to answer three questions to see if we are lucky.
By answering these three questions, you inform us that we have been the lucky winners of an iPhone XS. In order to receive it, assume that we are Amazon users even if it is not true, we must enter the data of our Amazon account to pay the 2 euros of shipping costs.
When using the web the https protocol, the browser at no time it will detect that it is a possible phishing, which is what it really is, so it will let us enter the data without any problem.
Request the data of our Amazon account
When entering our data, another web page will be displayed in which we are informed that the verification has been carried out successfully and that in order to receive the product, we must verify our age (if we are not over 18 years old, bad luck) , using our credit card. That is, they not only try to steal our Amazon account, but also, they also want our credit card details.
If we have entered the data of our Amazon account, the only thing we have achieved is give scammers access so we must quickly access our Amazon account and change the password.
Bypassing browser security
Once we have been the lucky winners of an iPhone XS through a web without https protocol, you are automatically redirected to a web address that uses the https protocol, a protocol that as we have commented at the beginning of the article encrypts all information that is sent, so no intermediary who may have access can decrypt it.
In this case, there is no intermediary that can have access, since what we are doing if we enter the data of our Amazon account and credit card what we are doing is giving it directlyHence, browsers are not able to detect that it is a phishing website and do not inform us about it.
In addition to trying to deceive the most cautious users, when accessing the information of the security certificate, we see how It has been Amazon itself who has verified the identity of the web.
While it is true that Amazon is one of the most widely used cloud hosting companies in the world by companies through AWS, it is not usually dedicated to certifying the security of web pages, although it also does so to a lesser extent, such as the website that provides access to its Primevideo streaming video service.
The Amazon.com and Amazon.com https protocol security certificate is signed by Digicert Inc. that should be the same of the web where the data of both our Amazon account and our credit card are requested.
The one on Twitch.tv, the video player streaming service that is also part of Amazon, is signed by GlobalSing nv-sa. These two companies are the most used worldwide to obtain the necessary certificates to be able to offer the necessary security on a day-to-day basis when browsing the internet.
Nobody gives anything away
No company, much less the largest, have become so important for giving nothing away. Nobody gives anything away, although it is a saying that everyone should know, It seems incredible that today, many are the users who believe in this type of scams, scams that generally appear both on Facebook and WhatsApp, and that have recently begun to be available via SMS.
This type of phishing is similar to the one that has also begun to circulate in recent weeks via SMS from the Post Office, in which they inform us that they have a package for us and that we only have to pay the shipping costs, in a method with which they want to get our credit card number following a procedure very similar to the one we discussed in this Article.