News and Insights | Mutual Security Credit Union

Beware of Order Confirmation Phishing Scams: Tips to Help You Stay Safe

Written by Mutual Security Credit Union | Dec 24, 2024 5:00:00 PM

What Are Order Confirmation Phishing Scams?

Order confirmation phishing scams typically involve fake emails, text messages, or phone calls claiming to be from well-known retailers or delivery services. These messages inform recipients of a purchase they did not make or of a problem with their order, prompting them to click a link, download an attachment, or provide personal information.

Common Examples of Order Confirmation Scams

  • "Your Order Has Been Shipped!" An email claims your expensive order (e.g., a laptop or smartphone) is on its way and provides a link to "view details or cancel." The link leads to a fake login page designed to steal your credentials
  • "Delivery Issue – Action Required" A text message says your package cannot be delivered due to incomplete payment or an incorrect address. It includes a link to update your information, which instead steals your credit card details.
  • "Suspicious Activity on Your Account" A phone call impersonates customer service, claiming unauthorized purchases were made on your account. Scammers urge you to provide sensitive data or install "antivirus software" that is actually malware.

Where these scams really catch victims is when they attempt to cancel the fake order. To cancel, you may be instructed to click a link or call a number. Either method ultimately leads to scammers trying to extract personal information under the guise of "confirming your identity."

They'll ask for your name, address, phone number, and, often, your credit card or banking details. If you hesitate or protest, they’ll insist that providing this information is essential to complete the cancellation. However, their real aim is to use your information to charge your credit card, drain your bank account, or steal your identity to open other accounts.

Don't be fooled. They want that information so they can actually charge your credit card, steal money from your bank account, or use your identity to open other accounts.

Many scams include an additional layer of deception. The scammers might ask you to download a file, often a Microsoft Word or Excel document, claiming you need to fill it out and send it back to cancel the order. These files almost always include malware.

When you open the file, you’ll likely see a notification at the top of the screen asking you to Enable Content.

 

If you're on the phone with the scammer, they’ll assure you this step is safe and necessary. It’s neither. Enabling the embedded content activates a malicious macro designed to steal your personal data, install ransomware, or grant the attacker access to your device.

Important: Never enable content on an Office file unless you are certain of its source and purpose. If you've downloaded one of these files, close it immediately and delete it. If you’ve already enabled active content, run a full antimalware scan on your computer to remove any malicious programs.

How to Recognize an Order Confirmation Scam

  • Urgent Language
    Scammers often use phrases like "immediate action required" or "your account will be charged" to create panic and pressure you into acting quickly.
  • Unknown Sender or Domain
    Look for subtle misspellings in the sender's email address (e.g., amaz0n.com instead of amazon.com). If the sender's information looks suspicious, proceed with caution.
  • Unexpected Orders
    If you haven’t made a recent purchase from the claimed retailer, treat the message with skepticism.
  • Unverified Links
    Hover over links without clicking to check where they lead. Scam links often redirect to unfamiliar or unrelated websites.

How to Avoid Falling Victim

  • Verify the Source
    Don’t click on a link or call a number shown on the suspicious email or text. Go to another browser window and do a search for the retailer and use the published phone number or other contact information. If the order confirmation is from a business where you have an account, log in to your account directly through the retailer’s official website or app to check for order details. Again, do not click on links in unsolicited messages.
  • Inspect Communication Carefully
    Legitimate businesses rarely request sensitive information like passwords or payment details via email or text. Look for typos, generic greetings, or inconsistent branding.
  • Use Security Tools
    Enable email filters and antivirus software to block phishing attempts. Multi-factor authentication (MFA) adds an extra layer of protection.

Report Suspicious Activity
If you suspect a scam, report it to the retailer and relevant authorities. Forward phishing emails to reportphishing@apwg.org (an address used by the Anti-Phishing Working Group, which includes Internet Service Providers (ISPs), security vendors, financial institutions, and law enforcement agencies), or use similar services in your region. You can also report phishing to the Federal Trade Commission (FTC) at FTC.gov/complaint.

For more information, you can check out the FTC’s tips for online security at ftc.gov/onlinesecurity.
View full post