Warning!
We have to give credit to the those who want to take advantage of unsuspecting victims, their fake emails are getting more convincing. If you get an email confirmation for an order that you never made, don’t click on the links. Instead, if you are concerned that someone made a purchase on your behalf, lookup the company’s phone number online (not a number supplied in the fake email) and contact them to confirm that the notice is indeed fake.
What harm is there in clicking the link?
That will depend on the intentions of the attacker. They could just be on a fishing expedition, looking to get your personal information so that they can steal your identity or just fraudulently make purchases with your credit card. On the other hand, the website that you get redirected to could have malicious code in it which will allow the attacker to have access to your computer where they can steal your data or encrypt your files and require you pay a hefty ransom to regain access to them.
What to do if you click the link?
That will depend on where the link takes you. If you provided personal information to a website, including your credit card or banking details, contact your financial institution right away and follow any advice that they give. If you suspect that you may have given access to your system, turn it off and take it to your local computer technician who can take steps to backup your files and clean up any trojans that might be hanging around.