Amazon Phishing - What Is It?

Table of Contents

1 What Is Amazon Phishing Fraud?
2 What Are the Types of Phishing?
3 Why Do Phishers Prioritize Merchants?
4 Tips to Detect Phishing Message
- 4.1 Suspicious messages or webpages not from Amazon.com may contain:
5 How to Identify Phishing Emails?
- 5.1 Tips to protect yourself from phishers
6 Gift Card Phishing
- 6.1 Gift card phishing types
7 How to Avoid Payment Scams?
- 7.1 To avoid payment phishers
8 How to Report Phishing?
- 8.1 How to report phishing to Amazon?
9 Wrap Up

All of you heard about spoof emails or calls from online scoundrels who want to steal your personal data. In many cases, they can resemble emails that Amazon sends you or link you to websites that look like Amazon.

Often, such messages look like unusual activities on your account or have any other suspicious signs. Also, they can contain information that is too good to be true.

Sellers are pretty often targeted by Amazon phishing emails. According to the Federal Trade Commission, the online giant was the business most frequently attacked by online hijackers.

Such cyberattacks are extremely dangerous since they risk your financial and personal security and can steal your identity.

Amazon phishing scam is one such case. Scammers can send you emails or text messages and make phone calls using advanced and sophisticated technology. That means you should be alert and react immediately if you suspect something like that has happened to you. If you suspect that you’ve received a message you think may not be from Amazon, you need to report it immediately.

Read further to find out everything you need about Amazon phishing and where to send Amazon phishing emails.

What Is Amazon Phishing Fraud?

Phishing Amazon is any correspondence or other communication that aims to obtain sensitive personal information from Amazon buyers and sellers. That may include credit card payment details, personal data, or account information.

A phishing email pretends to be from a reputable source; however, in reality, it is sent by hijackers that want to access your personal information by asking you to open an attachment containing malware or click a link that redirects you to a spoofy website.

That means if you’ve got an email claiming to be from Amazon that seems suspicious, it may be a phishing email. Phishing emails may include a link to a website resembling Amazon.com, but it appears fake. Such a site requests you to disclose your username and password or ask to install unwanted software. If you’ve received a suspicious message, it’s recommended to delete it without opening attachments or clicking links.

You should remember that scammers may use high-quality spoofed emails and websites that imitate Amazon’s customer service portals in the slightest detail. Their emails may contain marketplace logos or other pictures to convince you that the email or website is legitimate.

If you suspect that you’ve received an Amazon phishing email, report it to Amazon immediately.

What Are the Types of Phishing?

The types of phishing are spear phishing, vishing, email phishing, HTTPS phishing, pharming, and more.

Spear phishing

Spear phishing targets online to steal their login credentials.

Vishing

Vishing, or “voice phishing” for short, is when scoundrels try to steal information over the phone, pretending to be a reputable organization or a trusted friend.

Email phishing

With email phishing, the hijacker sends an email that looks legitimate that tries to engage the recipient into entering personal information.

HTTPS phishing

An HTTPS phisher sends an email with a link to a fake website where they try to trick you or ask for private information.

Pharming

With pharming, the user gets malicious code installed on their computer. This code then directs to a spoofy website that gathers their login credentials.

Pop-up phishing

Pop-up phishing shows a pop-up window about your computer’s security or some other issue that tricks you into clicking. You are then directed to download a file that appears to be malware or to call a fake support center.

Evil twin phishing

This type of phishing uses a false Wi-Fi network. When you log in to it, your sensitive details are stolen.

Watering hole phishing

With this type of phishing, a hacker infects the users’ computers to penetrate the network.

Whaling

Whaling targets senior executives because they have access to sensitive areas of the network.

Clone phishing

In clone phishing, the attacker makes an identical copy of a message the user has already received and includes a malicious link.

Social engineering

Social engineering pressure the victim into revealing sensitive information by manipulating them psychologically.

Angler phishing

This type of phishing uses spoofy social media posts to get users to provide login info or download malware by offering them a refund or a reward.

Smishing

Smishing is phishing through a text message or SMS asking for personal details.

Man-in-the-middle (MTM) phishing

The hacker gets in “the middle” of two users and hijacks the information they exchange.

Website spoofing

Here, scoundrels create a fake website that looks legitimate. When you use the site, your data is stolen.

Domain spoofing

Domain spoofing is when scoundrels imitate a company’s domain to trick people into entering sensitive information.

Image phishing

It uses images with malicious files to steal your account info or infect your computer.

Search engine phishing

This type of phishing involves spoofy products that look attractive. When these pop up in a search engine, the victim is asked to enter personal information before purchasing, which is then stolen.

Why Do Phishers Prioritize Merchants?

Online sales attract a lot of customers due to their trusted reputation. In turn, sellers trust Amazon security because it works,

However, with millions of deals, especially during Black Friday, Cyber Monday, and Christmas sales, it’s difficult to avoid phishing. High sales volumes attract scams because there’s cash in it.

Also, competition may hire hackers to destroy your seller’s reputation.

Example of Amazon phishing

Tips to Detect Phishing Message

An email, phone call, text message, or webpage from Amazon contains sure signs. If you don’t see them, you are not recommended to open attachments or click suspicious links. If you’ve by chance already opened an attachment or clicked a suspicious link, go to Protect Your System.

Suspicious messages or webpages not from Amazon.com may contain:

links to websites that look like Amazon.com but aren’t from them;
websites don’t have a dot before “amazon.com.” A legitimate URL should have a format http://”something”.amazon.com;
the link takes you to a site that is not a legitimate domain;
an order confirmation for a product you didn’t purchase or an attachment to an order confirmation;
requests to update payment information that is not linked to a marketplace order;
attachments or requests to install unwanted software;
grammatical errors;
for phone calls, they may ask you to disclose sensitive personal information, which Amazon will never do.

How to Identify Phishing Emails?

Apart from regular notifications from Amazon, such as Sold, Ship Now emails, or Technical Notifications, there’s a chance that you suddenly receive emails that were not sent by them, even though they might look very similar.

You can identify such messages by their target – they all attempt to convince you to reveal sensitive account information.

Often these emails direct you to a spoofy website that looks identical to a marketplace website, where you are requested to give account information, such as your email address and password details.

Tips to protect yourself from phishers

• understand what Amazon won’t ask in an email:
◦ bank account information;
◦ credit card number;
◦ PIN or credit card security code;
◦ any information to identify you;
◦ your Seller Central account password.
• review the email for grammatical errors;
• check the return address; it should end in:
◦ amazon.com
◦ amazon.co.uk
◦ amazon.de
◦ amazon.es
◦ amazon.fr
◦ amazon.it
◦ amazon.lu
◦ amazon.com.au
◦ amazonsellerservices.com
◦ amazon.ae
◦ sell.amazon.com.au
◦ amazon.sa
◦ sell.amazon.com
◦ gs.amazon.cn
◦ sell.amazon.ca
◦ vender.amazon.com.mx
◦ venda.amazon.com.br
◦ sell.amazon.co.uk
◦ sell.amazon.sg
◦ satis.amazon.com.tr
◦ amazon.com.tr.
• check the website address; it should always end with “.amazon.com”, “amazonsellerservices.com,” or “sellercentral.amazon.com;”
• do not unsubscribe via forged email that claims to provide a method for unsubscribing;
track your orders with The Sold, Ship Now email notification or use the Manage Orders feature in your account;
• avoid offers that sound too good to be true.

Gift Card Phishing

There are cases when scams that may request payment using Amazon Gift Cards. You shouldn’t use Gift Cards to make a payment outside Amazon. Use those that include a card network brand (e.g., Visa, MasterCard, American Express, or Discover) at sellers that accept these card brands. Don’t give them directly for payment or disclose card details.

Gift card phishing types

social security or identity phishing – “issue” with your Social Security number, account, or other credentials;
job offer scams – unsolicited email or call suggesting you “a job”;
fake online listings scam – you are asked to pay for an item using gift cards and tell codes by email or phone;
boss scams – suspicious email or text message from your boss asking you to purchase Amazon Gift Cards and telling the codes to them;
caller ID spoofing – a fake phone call from “Amazon”; scammers using fake caller ID information pretend to be, for example, Customer Service, and ask for credit card ID or bank account number;
family emergency scams – email or phone call from someone claiming to be a lawyer representing a family member who needs your immediate financial help;
unpaid debt and tax scams – suspicious email or phone call that asks for a payment of taxes or fines with a gift card;
email or text scams – message saying that you’ve been gifted an Amazon.com Gift Card that doesn’t come from the number 455-72 or the pattern “Jane Doe – Happy Birthday to you! – https://www.amazon.com/g/EXAMPLECLAIMCODE”.

Example of Amazon Gift Card phishing

How to Avoid Payment Scams?

If you’re unsure whether the message is legitimate, always check the message details of the recipient, and pay attention to the purpose of the requested payment. Don’t send the payment until you’re sure it’s a safe source.

To avoid payment phishers

don’t deal with a seller who directs you off the Amazon website;
don’t send money to a seller who states that Amazon will guarantee the transaction or refund if you’re not happy with the purchase;
don’t transfer money to claim lottery or prize winnings;
don’t send payment because you’re granted a credit card or loan;
don’t respond to an internet or phone offer that you’re not sure is legitimate;
don’t send money if you can’t verify the recipient’s identity;
don’t respond to emails that ask you to provide personal and account information.

How to Report Phishing?

You can report an Amazon phishing email to the Federal Trade Commission (FTC), which takes care of complaints about unfair business practices. To file a complaint, visit https://ftccomplaintassistant.gov, call 1-877-FTC-HELP, or write to Federal Trade Commission, CRC-240, Washington, D.C. 20580.

If you want to file a complaint against a company outside the United States, visit http://www.econsumer.gov.

How to report phishing to Amazon?

If you suspect that phishers have targeted you, contact Amazon. Sign in to your Amazon account, or sign up for an Amazon account if you don’t have one, and inform them about the issue. Amazon’s Customer Protection Review team will take care of the problem.

Wrap Up

The more business shifts online, the more the associated risks move online as well. Cybercrime has become not only the headache of large companies but also individual sellers. Merchants making business on the platform are often targeted by spoof emails and calls from online hijackers who want to steal their personal data. Such messages can look like emails that Amazon sends sellers or links to websites that resemble Amazon. com.

Typically, such messages contain suspicious or unexpected information, including requests to disclose your personal information or link you to third-party websites. Such cyberattacks are extremely dangerous; you need to report that immediately.

You can report phishing emails to the Federal Trade Commission (FTC) or sign in to your Amazon account and inform them about the problem. They’ll connect you with the Customer Protection Review team, which will help you deal with the issue.

However, not only should you care about your security online. You should see to it that your business is profitable.

Therefore, it’s paramount to keep track of your products’ performance efficiency constantly. To maximize your sales volumes, it’s necessary to keep track of all your product’s metrics continually. You can control your sales indicators and overall store profitability by doing that.

Amazon monitoring software is an efficient way to stay on top of your sales. SellerSonar offers instant Amazon alerts to protect your sales. You are aware of listing changes, Buy Box hijackers, new/deleted reviews, keyword rank history, and product suppressions with us.