Email scams and phishing attempts involving major companies like Amazon are unfortunately very common these days. Criminals will send out fake emails pretending to be from Amazon in order to trick people into giving up personal information or installing malware. If you receive an email that claims to be from Amazon but seems suspicious, there are steps you should take to protect yourself. Don’t panic, but do proceed with caution when evaluating any emails that seem like they could be fake.
How to Tell if an Amazon Email is Fake
There are a few key signs that can help you identify a fake Amazon email:
The Sender’s Email Address Looks Suspicious
Fake Amazon emails will often come from odd email addresses rather than an official amazon.com address. Look closely at the sender’s email address – does it match the company’s domain exactly? Fake senders will try to use addresses that look similar in order to appear legitimate at first glance. For example, the sender could be something like “[email protected]” which uses Amazon in the address but is not actually affiliated with them.
Generic Greeting
Real emails from corporations will typically address you directly by name. If the email greeting says something generic like “Dear customer” instead of your name, that’s a red flag.
Requests Sensitive Information
Amazon will never send you an unsolicited email asking for sensitive personal or account information like your password, Social Security number, or bank details. Any email that requests this type of info is a scam.
Threatens Account Suspension
Scammers will often threaten that your Amazon account will be shut down or suspended if you don’t take action. This is done to create a sense of urgency and panic to trick you into giving them information. Amazon will not suspend your account out of the blue without contacting you through official channels first.
Poor Spelling/Grammar
Sloppy spelling and grammar mistakes are a giveaway that an email is not legitimate. Large corporations like Amazon put effort into maintaining professional communication.
Generic Greeting
Real emails from corporations will typically address you directly by name. If the email greeting says something generic like “Dear customer” instead of your name, that’s a red flag.
What to Do if You Receive a Suspicious Email Claiming to be From Amazon
If you’ve evaluated an email and believe it may be a fake trying to impersonate Amazon, take the following steps:
Don’t Click Links or Open Attachments
Fake Amazon emails will often contain links to phishing sites or attachments loaded with malware. Do not click any links or download any attachments in emails that seem suspicious – this could compromise your device or your Amazon account security. Even just opening the email itself can cause problems in some cases.
Forward the Email to Amazon
Amazon provides an email address where you can forward any suspicious emails claiming to be from them. Forward the email to [email protected] so Amazon can investigate it. This helps them identify active phishing scams involving their brand.
Report the Email as Phishing
Use the ‘report phishing’ or ‘report spam’ options in your email service to mark the email as a phishing attempt. This alerts your email provider and helps track scam trends. The report option is typically found by clicking the dropdown menu next to the sender’s name or email address.
Delete the Email
Once you’ve forwarded and reported the email, delete it from your inbox. This removes the risk of accidentally opening the email or clicking any links in the future.
Do Not Provide Any Information
Never, under any circumstances, provide sensitive information in response to an unsolicited email. Even if the email threatens account suspension, makes enticing offers, or pressures you to act urgently, it’s a scam.
Change Your Amazon Password
Even if you’re certain you haven’t fallen for the phishing attempt, it’s wise to change your Amazon password as a precaution. Pick a strong, unique password to enhance security on your account. Enable two-factor authentication if you haven’t already for an extra layer of protection.
Watch for Other Suspicious Activity
Keep monitoring your Amazon account closely for any unusual activity that could indicate identity theft. Check order history frequently to confirm you authorized every purchase. Turn on purchase notifications to be alerted anytime an order is placed with your account.
How to Identify Legitimate Amazon Emails
Now that you know how to spot fake Amazon emails, let’s talk about what legitimate Amazon emails typically look like:
Comes from @amazon.com Address
The sender will have an email ending in @amazon.com, @email.amazon.com or @AWS.amazon.com. Third party sellers on Amazon use different email domains.
Addresses You by Name
Your name or account username will appear in the greeting, not a generic “Dear customer”.
Provides Order Updates
Many Amazon emails relate to your orders – shipping confirmations, delivery updates, refund notices, etc. These are normal and expected emails.
Relates to Your Account Activity
You may get emails when you create an account, make changes to account settings, or engage in key account activities. These emails provide confirmation of changes.
Advertises Amazon Services
Amazon sends promotional emails for things like Prime membership, Amazon credit cards or services, and deals. These are marketing emails meant to advertise legitimate Amazon offerings.
Contains Working Unsubscribe Link
At the bottom of every promotional Amazon email is an unsubscribe link you can use if you don’t wish to receive future marketing messages. This link should work if the email is legit.
Has Official Amazon Branding
Visual design elements like logo, fonts, and color scheme will match Amazon’s brand guide. Look for inconsistencies in visual presentation.
Protecting Yourself from Fake Amazon Emails in the Future
Here are some general tips to help avoid falling victim to Amazon email scams:
Be Wary of Any Unsolicited Emails
If you’re not expecting an email from Amazon, treat it with caution, even if it looks legitimate at first glance. Don’t open emails from random or unknown senders.
Hover Over Links Before Clicking
Hover your mouse over any links in emails without clicking to preview the actual URL. Fake links will often have mismatched or suspicious destinations.
Use Two-Factor Authentication
Two-factor authentication requires you to enter a unique single-use code from your phone when logging into your Amazon account from a new device. This provides an extra layer of security.
Check the Email Address
Take a close look at the sender’s full email address before engaging with any emails from Amazon or other companies. Double check that domain name matches the company’s official website.
Watch for Poor Grammar/Spelling
Typos, grammar mistakes, and other indicators of unprofessional communication can be a giveaway that an email isn’t legitimate.
Don’t Judge Based on Logos Alone
Fake emails often contain stolen logos from the brands they are impersonating. Just seeing a company logo isn’t enough to confirm an email is real.
Review Account Activity Frequently
Routinely check your Amazon order history for any sign of unauthorized access or suspicious purchases made from your account. Report issues immediately.
Never Provide Information in Unsolicited Emails
No legitimate company will ever email you out of the blue requesting private account or personal information from you. Give this data only on the company’s official website if you initiate contact.
What to Do if You Provided Information to a Fake Email
If you mistakenly engaged with a fake email and provided personal information, account details, clicked links, or downloaded attachments, take these steps:
Change Amazon Account Password
Immediately change your account password and security questions. Don’t use passwords or answers that could be guessed or found through social engineering.
Remove Saved Payment Methods
If you have a credit card or other payment method saved on your Amazon account, remove it. Scammers with account access can use saved cards.
Enable Two-Factor Authentication
If two-factor isn’t already enabled, turn it on for additional account security requiring verification codes to sign in.
Contact Amazon Customer Service
Notify Amazon about the fake email and possibility of account compromise. Amazon can take steps to lock down and monitor your account.
Watch for Suspicious Activity
Carefully monitor your Amazon account order history and credit card statements to identify any signs of misuse. Report unauthorized charges or purchases immediately.
Scan Devices for Malware
If you clicked links or attachments in a fake email, scan your devices for malware, viruses and spyware that may have been installed. Remove anything suspicious detected by your antivirus software.
Request Credit Reports
Contact the three credit bureaus to request free copies of your credit report to check for any accounts opened fraudulently in your name. Place a fraud alert and credit freeze if needed.
Change Reused Passwords
If you reuse the same password on multiple accounts, change it everywhere. Assume the scam email now has access to commonly reused passwords.
Beware of Follow Up Phishing Attempts
Scammers may send more fake emails attempting to take advantage of the account compromise to steal additional information. Remain vigilant.
How Can I Report Fake Amazon Emails?
If you receive an email you believe to be a fake trying to impersonate Amazon, here are some ways to report it:
Forward to Amazon
Forward the suspicious email to Amazon directly at [email protected]. This alerts them to active phishing scams abusing their brand.
Use Email Reporting Tools
Look for the “report spam” or “report phishing” links within your email service to flag the message. This helps your email provider.
Submit to the FTC
You can forward fake Amazon emails to the Federal Trade Commission phishing email address: [email protected].
Report to Domain Registrars
If you can identify the domain being used for the phishing site, report it to the domain name registrar. This could get fraudulent sites shut down.
Report to IC3
The FBI maintains the Internet Crime Complaint Center where you can file a complaint about phishing scams and cybercrimes.
Notify Amazon Customer Service
You can contact Amazon’s customer service department by phone to make them aware of fake Amazon emails circulating.
Are Fake Amazon Emails Illegal?
Sending fraudulent emails that attempt to impersonate and steal information from people is very much illegal. Here are some of the laws that fake Amazon emails break:
Wire Fraud
Phishing scams violate federal wire fraud statutes when they utilize email to obtain money or valuable data under false pretenses. This can be charged as a felony.
Computer Fraud and Abuse Act
The CFAA prohibits intentionally accessing a computer without authorization to commit fraud. Phishing scams fall under this category when they compromise accounts.
Identity Theft
Stealing personal information via fake emails can constitute identity theft. This has both federal and state charges depending on the scope of the theft.
Trademark Infringement
By mimicking Amazon’s logos and branding, phishing emails violate Amazon’s legally protected trademarks. This is a violation of trademark law.
Can-Spam Act
The CAN-SPAM act prohibits the use of misleading information in email headers, deceptive subject lines, and false claims in messages. Fake Amazon emails break these rules.
Law enforcement agencies like the FBI take email phishing scams seriously and pursue charges against those responsible when possible. The consequences for conviction can include hefty fines, restitution, and years in prison.
Conclusion
Fake Amazon emails are a prevalent threat online, but with vigilance, you can avoid being deceived. Be wary of unsolicited messages, look for signs of spoofing, and never provide sensitive information via email. If you suspect an email is fraudulent, report it to help prevent others from being victimized. With proper precautions taken, you can detect fake Amazon emails and keep your account and identity secure.