Threat Intelligence Directory
Phishing
Fake Amazon Order Confirmation
Attack Trigger
Unauthorized charge fear
What Attackers Want
$300–$1,200 fake charge used as bait
How This Attack Works
Fake order confirmation emails claim a large purchase was made on your account. Clicking "Cancel Order" leads to credential theft.
Red Flags to Watch For
- ✗Sender is not @amazon.com
- ✗Order number does not appear in your Amazon account
- ✗Cancellation link goes to non-amazon.com domain
- ✗Asks for full credit card to "verify identity"
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- amazon-order-confirm.comMALICIOUS
- amazon-billing.netMALICIOUS
- order-amazon-update.comMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free