Today, we received a number of calls and e-mails from individuals stating they received an email from Zappos.com confirming an order they never placed. These emails were not legitimate order confirmations from Zappos.com, but were actually phishing attempts directing users to other sites when they clicked on the links. These are known malicious sites that should be blocked by your antivirus software or your browser.
If you didn’t place an order with Zappos.com today and you received a suspicious order confirmation, please do not click on any of the links and immediately delete the e-mail.
This is a common tactic used by bad guys when trying to get you to unknowingly provide your username and password on a site that looks exactly like a legitimate retailer. The email template will look the same, the pictures and logos will look identical, and even the wording will be a perfect match; however, if you look a little closer, you’ll notice something funky with the blue-highlighted links. If you hover your mouse over any of these links, you’ll see the REAL site you’ll be sent to. For instance, in the phishing emails being sent out today, the links don’t say http://www.zappos.com when you place your mouse cursor over them, but instead a fraudulent website, which is a site not affiliated with Zappos.com”
If you’re ever in doubt, please proceed with caution. You can always contact us if you receive a suspicious e-mail that looks like it was sent by us. We want to know what our customers are experiencing, so we can provide the best service possible. We’re here for you 24/7 at firstname.lastname@example.org and 1-800-927-7671.