Vishing attack- Attempt to steal Bank details of Amazon Customers

In a recent Vishing attack, fraudsters attempted to steal banking details of Amazon customers by sending them emails containing fake order receipts and a phone numbers to call for processing order returns.
As reported by Armorblox, there were two Amazon vishing attacks that attempted to steal victims’ credit card details.
In the first attempt an email was sent from a Gmail account with title Invoice:ID containing genuine looking Amazon invoice number. This email urged the customers to call the number in case of an error in the order. The invoice, towards the end mentioned a contact number and AMAZ0N TEAM with zero instead of letter O. Use of zero helped the message bypass existing spam filters, including Microsoft Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MSDO).
When the team at Armorblox called the ‘Contact Us’ phone number included in the body, a real person answered the call and pretended to be from the Amazon team. They asked for the order number, name, and credit card details before cutting the call and blocking their number.
The second attack, an email was sent with [email protected], titled “A shipment with goods is being delivered’’, with a genuine looking order number and a contact number. However, the number given seems to have been taken down.
To minimize the impact of such attacks and protect yourself, its best to follow some security measures such as:
Use strong password that is creative and unique & change it often
Always confirm the source of unexpected emails & links
Use multifactor authentication
And don’t divulge your personal information on pnone