Overview

• The phishing emails warn of an unauthorized 963-euro purchase and urge recipients to click a link for a refund
• Clicking the link directs users to amazon02atonline32.online, a fake site without Amazon’s registration or a valid SSL certificate
• Victims who enter their credentials risk account takeovers, fraudulent orders and exposure of their data on the dark web
• Security agencies advise typing Amazon URLs manually, avoiding email links and enabling two-factor authentication with unique passwords
• Users who have clicked the link should change their password, review stored payment details and report suspicious activity to Amazon support