This Is What an Amazon Email Scam Looks Like
Not every email from Amazon is legitimate. Keep an eye out for these telltale signs you might be dealing with a scammer.
Just when you thought you knew how to avoid online scams, fraudsters have gotten trickier—and more convincing. Many of them have started to send emails impersonating popular retailers such as Amazon, according to a warning by the Federal Trade Commission (FTC), which investigates fraud and phishing attempts. In fact, reports about Amazon scams have increased by a whopping 500 percent since June 2020, and experts say that a wide range of Amazon email scams are floating around right now.
“An Amazon email scam can look exactly like a real Amazon email, or can be poorly crafted, and everything in between,” according to Alex Hamerstone, a director with the security-consulting firm TrustedSec. “But the core scams are usually pretty similar, as are the risks, the ways to prevent them, and the recommended response.”
To protect you from falling victim to an Amazon email scam, we asked experts to share what these scams look like, why they’re so dangerous, and what to do if you receive one. Frequent online shoppers should also beware of the signs an Amazon seller can’t be trusted and the most common Facebook Marketplace scams.
What does an Amazon email scam look like?
No two Amazon email scams look alike, which makes them tough to spot. In one common scam, you might receive a receipt and shipping confirmation for an Amazon order you never placed. Another type of email scam involves notifying you of a problem with your Amazon account or payment method. The sender may ask you to call a phone number or click a link inside the email to fix the issue. “The goal of those is to get you to think you need to update your account information, and usually give the scammer your credit card or bank information,” explains Hamerstone.
Why are Amazon email scams dangerous?
These days, Amazon email scams target more than one form of sensitive personal information. A scammer’s goal might be to convince you to click a link or open an attachment that installs a virus or other harmful software on your computer. The scam could also be hoping to gain access to your Amazon account or financial information by tricking you into entering your log-in credentials, credit card number, or other personal data like your Social Security number, says Eva Velasquez, president and CEO of the Identity Theft Resource Center. Scammers can also get this information through other methods like Apple ID phishing scams and this area codes phone scam.
What can happen if you fall for an Amazon email scam?
When you share your log-in, credit card number, or other personal information with scammers, they can use your bank or Amazon account to make purchases and run up hefty charges. “These scams are all targeting your money,” says Chris Pierson, CEO of BlackCloak, a cybersecurity company. “The cybercriminals want either access to your account and the ability to purchase items or access to your credit card—both of which can cause you financial harm.” Criminals can also use your personal information to steal your identity, according to Velasquez. Your personal information could also be used in a doxxing attack if it falls into the wrong hands. FYI, contactless payment apps such as Apple Pay, Google Pay, and Venmo can leave your financial and other sensitive data vulnerable to scammers, too.
How to spot an Amazon email scam
Think an email from Amazon looks phony? One of the most foolproof ways to spot an email scam is to look for red flags such as suspicious language or grammatical and spelling errors. According to Velasquez, you should also watch out for sentences like: “There is a problem with your account. Please click here to verify your account or change your password,” “Here is your receipt and shipping confirmation” for a product you never ordered, and “Please verify your payment method.” Amazon will never ask for these things by email, Hamerstone says. You should also click to see the sender’s full email address. In the United States, any email address that does not end with “@amazon.com” is fake.
Steps to take if you receive an email from Amazon
- Look for signs of fraud, such as an unusual sender’s address, suspicious language, or typos.
- If you received an email about an Amazon order, open Amazon’s website directly through your browser, log in to your account, and look under “Your Orders” to see if any orders match the details in the email.
- If the email asks you to confirm or update your account information, contact Amazon directly by email or phone to find out of if the message is legitimate.
- Mark the suspicious email as spam and delete it from your inbox.
- Report the email to Amazon’s “Report Something Suspicious” page and the FTC.
What to do if you fall victim to one of these email scams
If you believe you are the victim of an Amazon email scam, “the first thing to do is log into your Amazon account, change the password, and turn on dual-factor authentication,” Pierson says. He also recommends going to Login & Security > Secure Your Account on Amazon’s website and clicking on the “Sign-Out Everything” button to block the scammer from accessing your account. Contact your bank or credit card company if you gave out your financial information, and report the scam to Amazon and the FTC so they can open an investigation. Going forward, you should also steer clear of emails from these other organizations and brands that scammers impersonate most often.
Next, read up on what a brushing scam is and how to avoid it.
- FTC.gov: “FTC Data Spotlight on scammers impersonating Amazon: How businesses can reduce injury to consumers”
- Alex Hamerstone, director of advisory solutions at TrustedSec
- Eva Velasquez, president and CEO of the Identity Theft Resource Center
- Chris Pierson, PhD, CEO of BlackCloak
- Amazon.com: “Report Something Suspicious”