Anyone who has had any contact with Amazon knows that, from time to time, you may come across scammers who parasitically exploit the marketplace’s popularity. They defraud all sorts of users: sellers, buyers, regular users, and one-time visitors.
Even if you’ve never logged on to Amazon (real talk, though: never?), some of these scams can affect you, too. We’ll focus first on buyers because they form the largest group, but we won’t ignore everyone else.
I shop on Amazon. What should I look out for?
For many years now, phishing — that timeless classic of Internet fraud — has remained the main threat to most ordinary users. A scammer’s main target is your personal data, and preferably data that gives access to important accounts (ideally, finance-related accounts). An Amazon account, as you might guess, is a worthwhile prize.
Scammers try to obtain this data using fraudulent e-mails, text messages, or calls purporting to come from Amazon. There are dozens of phishing techniques, but most often, they stress urgency. Below, you’ll find the main types of phishing e-mails our antispam analysts have come across recently.
Fake message about an Amazon Prime subscription
You receive an e-mail or text message claiming you’ll soon be charged for the Amazon Prime subscription you (allegedly) purchased and providing a number you can call to cancel the purchase. If you call it, they’ll try to trick or pressure you into revealing your username, password, and card number.
There is also a version of this scheme that involves persuading victims to install the remote access program TeamViewer on their computers — and that relieved ordinary Britons of a million pounds over a three-month period in 2019.
Fake alerts about suspicious activity on your Amazon account
One of the most common phishing techniques uses a message that appears to come from Amazon and refers to suspicious activity or unauthorized transactions in your account. In this scenario, the scammers try to frighten you by making you think someone hacked your account.
To put things right, the notification says, you need to click a link. The link leads to a fake Amazon site, and if you enter your username and password there, that information goes straight to the scammers, who use them to hack your account (for real). One woman in Fife, Scotland, ended up losing £80,000 as a result of such a call.
Confirmation of an Amazon order you didn’t make
Your Sony PlayStation will soon be shipped to the address you provided. Didn’t order one? Just call us and we’ll fix everything.
As you may have guessed, making that call is a bad idea. Once again, scammers are after easy money and personal data. One woman in Australia lost AU$4,000 this way; the scammers got her to buy Amazon gift cards.
Fraud involving paying for products with a gift card
Gift cards are central toContinue reading