§56 GDPR, terrorist financing and money laundering: This news is tough and throws around impressive terms!

However, you shouldn't be intimidated by all these terms, because emails with the subject line “Amazon Customer Service | Current customer message! “Your help is required” is an attempted fraud in which Amazon customers are trying to get their access data, as well as their address and bank details, out of their pockets.

By the way, Amazon has nothing to do with this phishing attack. You have become a victim yourself when criminals misuse the company name, logo and corporate design for fraud purposes. The email appears visually in the following form:

Screenshot Mimikama.at
Screenshot Mimikama.at

The content is in barrier-free plain text:

Hello ,
Due to numerous changes in European data protection laws, we have developed an automated system to keep our customer data up to date and check it. This system has selected you to compare your data in a one-time verification in order to comply with the provisions of Section 56 of the GDPR. By participating in the process, you are making an important contribution to combating terrorist financing and money laundering.
Important: If you do not carry out the one-time account verification, we must deactivate your account until further notice, according to the law. Please ensure that your data is correct throughout the system check. If our system detects deviations, we are obliged to take further steps.
This verification process is unique. After successful completion, you can use our services as usual. In recognition of your efforts, 15 euros will be credited to your Amazon customer account.
If we find any irregularities, customer service will contact you within 24 hours. If you are not contacted by support within 24 hours, consider this email to be invalid.

Now confirm your identity

The aim is to give you more transparency and control over how we handle your data.
Kind regards,
your Amazon Service Team

Beware of phishing!

The content, structure and argument are always particularly important in a phishing scam via email, because the more convincing a phishing scam is, the more people fall for it. And a great job has been done with this email and the associated phishing website, because in addition to the plausible structure of the email, the phishing website also has an HTTPS-secured connection.

A secure connection with the HTTPS protocol (HyperText Transfer Protocol Secure “secure hypertext transfer protocol”) ultimately says NOTHING about the content of the page you are visiting, but only something about the path BETWEEN your own computer and the website on the other, but it does work green symbols in the browser, or the term “Secure”, as if you were on the provider’s real website.

However, this is a fallacy! This website does not belong to Amazon, but is a fake login. Following this fake login, the website requires you to enter address and bank details. All entries made here end up directly in the hands of fraudsters.

Screenshot Mimikama.at
Screenshot Mimikama.at

If you fall into such a phishing trap, the following measures can help: Security software can help preventatively ! Despite all caution, it can still happen from time to time that you have fallen victim to a phishing attack and have unintentionally disclosed your personal data to third parties. It is important not to panic and to act immediately!

So that you actually know what to do in an emergency, follow our step-by-step instructions here:

  1. Contact the company for which your personal user or login information was stolen immediately. Please call customer service to have your account blocked. Banks in particular have a blocking hotline that can be reached around the clock and is available specifically for such and similar cases. Describe your case and your account or user area will no longer be accessible with the old login data.
  2. Log in to your user account and check whether you can still log in. If this is still possible, go immediately to the area where you can change your current login details. Set a new password and, if possible, also change the user name and contact address.
  3. Check immediately whether account changes or transactions have already been made , as criminals are usually very quick. Check whether, for example, goods have been purchased or debits have been made for which you are not responsible. If this is the case, inform the customer service of the respective provider immediately.
  4. Document all abnormalities . Take screenshots, print out bank statements and the phishing email, or forward the email to the company in whose name the cybercriminals sent the phishing email.
  5. Contact a lawyer who specializes in internet fraud , describe your case and submit all documents related to the fraud. You should contact the lawyer even if you have not yet reported any damage.
  6. 2 -factor authentication (if offered) prevents access even if fraudsters have obtained the access data through phishing.

By the way, there is also hope in phishing that stolen funds, for example from online banking, will be replaced by banks. The basis for this is the Civil Code. According to § 675u BGB, payment service providers are obliged to replace the stolen payment amounts in the event of unauthorized payment transactions. However, this only applies if the person concerned has fulfilled their duty of care. Further information on the legal basis in the event of damage can be found here .

“Whether you believe that or not. It is like that."


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )