McAfee has released a fantastic blog post about a phishing kit known as 16Shop in which they describe the complexity of the kit as well as how it is now being used to not only target Apple users but Amazon too. This was released a few days before Prime Day, essentially black Friday in the summer on Amazon, since the kits are so advanced. One of the most common ploys to get users to enter their credentials on these malicious sites is to send an email saying that there was an update on the account and to please login to verify the changes. The link in the email will lead users to a very convincing copy of the site in question and then will log the users information to then be sold.
We recommend that if users want to check any account changes on Amazon, which they received via email or other sources, that they go to Amazon.com directly and navigate from there rather than following suspicious links.
McAfee
There is something to be said that there was a cracked version online that pirates of 16Shop have been using that harvests all the data stolen by the attacker. Usually 16Shop will send the victim’s information only to the attacker, but with the cracked version the user who cracked it also gets a copy of the stolen information. For more you can read either McAfee’s post mentioned or this article by Bleeping Computer.
cybersqueeze 