top of page

Amazon issue scam warnings ahead of Black Friday and Cyber Monday mayhem

Amazon, one of the world’s biggest online retailers, have issued scam warnings ahead of the busy Black Friday and Cyber Monday sale dates, and as one of our go-to sites for online shopping, we’re amplifying their message here…


In an email to all customers, Amazon stated that during this time of year they often see a surge in impersonation scams and went on to offer guidance to stay safe by learning to identify and avoid them. 


In impersonation scams, a scammer reaches out to you pretending to be someone you trust to get sensitive information like national insurance numbers, bank information, or Amazon account details. Scammers change tactics quickly making them hard to detect.


One scam ‘trend’ to be aware of is email attachment scams. Scammers send emails posing as Amazon and include pdf attachments stating that your account will be suspended or put on hold. These attachments prompt you to click on a fraudulent link to “update your account.” These links lure you to provide personal information such as payment information or account login credentials.


It’s advised that you do not click on any links or provide your information without authenticating the email or verifying the link. Visit Amazon’s Message Centre which displays a log of authentic communications sent from Amazon.


Also ‘trending’ are Prime membership scams. These are unexpected calls/texts/emails that refer to a costly membership fee or an issue with your membership that ask you to confirm or cancel the charge.


These scammers try to convince you to provide payment or bank account information in order to reinstate a membership.


Amazon state they will never ask you to provide payment information for products or services over the phone. To verify your Prime Membership status or make payments, log into your Amazon account, and go to Your Account.



Here are five important tips to from Amazon to identify scams and keep your account and information safe:

  1. Trust Amazon-owned channels: Always go through the Amazon mobile app or website when seeking customer service, tech support, or when looking to make changes to your account.

  2. Be wary of false urgency: Scammers may try to create a sense of urgency to persuade you to do what they're asking. Be wary any time someone tries to convince you that you must act now.

  3. Never pay over the phone: Amazon will never ask you to provide payment information, including gift cards (or “verification cards,” as some scammers call them) for products or services over the phone.

  4. Verify links first: Review the link for misspellings or repeated characters. Legitimate Amazon websites contain "amazon.co.uk" or "amazon.co.uk/support." Go directly to their website when seeking help with Amazon devices/services, orders or to make changes to your account.

  5. Verify email senders: Legitimate Amazon emails contain “@amazon.co.uk”. In your web browser, hover over the display name under “From” to see full sender address. Look for misspellings or added or substituted characters. Visit their Message Centre to view authentic messages from Amazon.

If you receive communication - a call, text, or email - that you think may not be from Amazon, please report it to them at amazon.co.uk/reportfraud.


Of course, many other retailers are available, but because Amazon has 310 million active users this year, with an average daily sales revenue in the region of $1.4 billion, we thought we’d share their guidance as it's highly likely that anyone reading this blog has used - or will use - Amazon at some point.

 

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

 

Commenti


The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.

 

EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page