question

newuser-af5de8c4-9688-4081-844c-333eafb70e7d avatar image

appActionToken being used for amazon phishing scam sites

Example:

  <div class="a-section">
        
        <form name="signIn" method="post" novalidate action="http://www.comunecorropoli.com/public/bandi/2018_02/login.php" class="a-spacing-none">
          
            
            
              <input type="hidden" name="appActionToken" value="NzG3I9tLvOYw5n0m7mhlZlIK65kj3D" /><input type="hidden" name="appAction" value="SIGNIN" />
            
          
          
  
    <input type="hidden" name="openid.pape.max_auth_age" value="ape:MTgwMDA=">
  
    <input type="hidden" name="openid.identity" value="ape:aHR0cDovL3NwZWNzLm9wZW5pZC5uZXQvYXV0aC8yLjAvaWRlbnRpZmllcl9zZWxlY3Q=">

How to report this appActionToken to be blocked?

app
10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

Levon@Amazon avatar image
Levon@Amazon answered

Hi there,

Could you please provide some context for this? Where is this happening? What product / service, etc? We need more details and step by step instructions, to reproduce and investigate. Thanks!

10 |5000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.