Emails reported to the Information Security Office or Help Desk will be listed here. The emails will be identified as phishing or legitimate, with helpful clues as to why the message is malicious or legitimate. Contact infosec@hamilton.edu to report a phishing email.

Order Shipping Confirmation - Phishing!

It's a Phish!

How to tell it's a phishing message:

  1. Reply-To email address is not a valid Amazon email address. The Reply-To address is a gmail[dot]com email address.
  2. The email had a PDF attachment to it. Do not open the attachment! It may include malicious code that will execute once you open the attachment.
  3. The email is seeking an unwary person to forward the invoice and process for payment without confirming the validity of the email or of the purchase. When in doubt, confirm separately if you have made a recent Amazon order that would require payment afterward. Amazon purchases require payment at the time of purchase, not afterward.

Message Contents:

From: Amazon Order Confirmation <amzonadavid[at]gmail[dot]com>
Date: Wed, Sep 1, 2021 at 11:09 AM
Subject: Order Shipping Confirmation
To: <redacted>

Dear Customer,

Thanks you placing and order with us. Your Order has been shipped and it is on the way. Please find the Invoice copy and order details in attachment.

We hope to see you again soon.

Thanks for your business with us.

All Entries


Jerry Tylutki

Information Security Officer

Help us provide an accessible education, offer innovative resources and programs, and foster intellectual exploration.

Site Search