A pair of recent campaigns aim to lift credentials and other personal information under the guise of Amazon package-delivery notices. Researchers at Armorblox recently spotted a pair of savvy campaigns leveraging Amazon. A credential-phishing attempt using a purported Amazon delivery order failure notice; and a voice phishing (vishing) attempt also using Amazon delivery orders. Both are examples of the ever-more sophisticated phishing efforts being developed by fraudsters that are aimed at gaming traditional email security efforts, researchers said.
Source: https://threatpost.com/amazon-phishing-campaigns-security-checks/157495/