It’s 2022 and scammers have become all the more innovative. With the advent of technology comes a host of new problems that are puzzling and hoaxing people everywhere. One such fraudulent scheme we’re going to discuss in this article is Amazon phishing. These attacks have instilled a sense of fear in a large number of Amazon sellers owing to how extensive and detrimental they can get.
These phishing Amazon scams are on the rise and the level of sophistication in the technology being used by the scammers is advancing every day. However, there are bound to be slip-ups and some signs that are typically characteristic of these phishing emails that have come to be noted. In this article, we’re going to discuss and equip you with all that you need to know in order to protect yourselves from Amazon phishing attacks.
- What is Amazon phishing?
- What do Amazon phishing emails look like?
- How do phishing scams target Amazon sellers?
- How do Amazon sellers protect themselves from phishing?
- How to report phishing to Amazon?
- Final thoughts
What is Amazon phishing?
Phishing, in general, has been categorized as a cybercrime. It is when an individual or company gets impersonated by a criminal (referred to as a phisher), to extract information via phone calls, emails, bogus websites, etc. Many big companies over the last few years have been impersonated by phishers and more and more people are falling prey to these scams.
Amazon, being one of the biggest players in the market, has inspired a new phishing campaign. Emails are sent out in Amazon’s name whereby you’re asked to click on some link(s) that take you to a website that is very identical to Amazon.
Over here, you will be asked to enter your sensitive account information and password which the scammers will then use to commit embezzlement in whichever form they please. Scammers may also try to get to you over a phone call or SMS.
The Amazon phishing scams use Amazon’s logo and make the content look like it’s all officially from Amazon itself. They’re mainly in the form of emails. The emails provide malicious links that are actually information-gathering programs that when prompted to click on, start working to extract all your crucial account information.
For buyers, these emails usually state that there are issues with processing their bills and that in order to rectify them, customers need to click on the button provided which will say something like “Login to my account”.
For Amazon sellers, the emails usually state their Seller Central accounts are at risk or that their payments account and information need validation else their Product listings on Amazon can get compromised. They provide links to take action whereby you will be required to provide valuable, personal details.
What do Amazon phishing emails look like?
You need to be able to protect yourself from these phishers and not fall prey to their scams. In order to do that, it is important for sellers as well as buyers to know what these emails look like.
The high level of professionalism that scammers have come to adopt in order to mimic official Amazon emails is at an all-time high which is why it is difficult to identify them. However, some experts have decoded some of the signs with which you can tell when someone is trying to dupe you.
Some of the ways in which you can identify phishing emails are that they usually create a sense of urgency by asking you to click on the link to rectify some errors in your account, quickly within a day if possible. The email sent to you will also address you by your name to make it seem more legitimate.
The website or the link that you are being prompted to click on will usually look very fake as the actual URL will not have “Amazon” anywhere in it. Sometimes it may have “Amazon” in it but genuine emails usually only end with “Amazon”.
Characteristics of Amazon phishing emails:
Let’s look at some of the standard signs that are indicative of scams.
- Emails come with a sender address and while this may not readily show as a full email address all the time, you will be able to see the name with which the sender chose to send that email. Upon clicking on it, you will be able to see the complete email address of the sender. If it is anything that ends with a domain like “.art” or has email addresses that look like – email@example.com, firstname.lastname@example.org, or email@example.com, know that it is fake. Only return email addresses like amazon.com, amazon.co.uk, or anything ending with a legitimate domain name like the different marketplaces that Amazon has, is a safe email to open.
Genuine emails from Amazon always will come from an address ending in ‘@amazon.com’ or the email addresses listed here:
- Amazon has a policy of never asking you to disclose personal and sensitive information via email, text messages, or calls. Amazon has clearly stated that they don’t ask you for your National Insurance number. They also don’t ask you for information related to your bank account – credit card and PIN number, CVV, security passwords, expiration dates, bank account balance, mother’s maiden name, answers to typical security questions like mother’s maiden name, place of birth, name of your first pet, and most importantly, they will never ask you for credentials to your Amazon Seller Central account.
- The language used in these emails is usually poor and characterized by poor grammar because they are supposedly translated from one language into many more. Scammers don’t pay much attention to proofreading them and ensuring that they make sense. By only looking at the spelling errors you can tell that it is a fraud email.
How do phishing scams target Amazon sellers?
Amazon is a storehouse of information and it stores all the important information and details about its customers as well as the platform’s sellers. As mentioned earlier, these phishing scams target Amazon sellers so as to steal their account information and gain access to their bank account details and more.
Phishers also look to gain access to customers’ details through Seller accounts. Sellers are easy targets because the process they have to go through to retrieve their funds or undo the effects of phishing takes long. By the time they file their appeals and report the scam to Amazon, their funds get stolen and they lose access to their Amazon Seller accounts. This, in turn, means that the whole process of redemption takes longer, the protection offered is lesser and this results in huge losses for sellers.
The triggers that Amazon sellers need to watch out for are the telltale signs in the emails mentioned above. Sellers need to be cautious and carefully examine any links contained in the emails sent to them along with the return addresses. When you carefully examine those links, you will be able to see that it redirects to a fake website. The best way to examine the links is by hovering over them but never making the mistake of clicking on them.
How can Amazon sellers protect themselves from phishing?
We are now going to look at some of the ways in which one can protect themselves from phishing:
- If you ever receive an email asking you to make some changes or validate the information in your Seller Central account, the safest thing to do is to directly visit Seller Central and check if there are any requirements there.
- Amazon allows you to set up a 2 step verification process to log in. In order to be as safe as possible, always use this method to log in instead of the easy, quick login button.
- Make sure you always check the links and URLs provided in the email.
- Phishing emails often come with an ‘Unsubscribe’ button. If you click on this button, it shows them that yours are a working, valid email address that they can target in a more advanced manner the next time.
- A lot of times, these phishing emails might go directly to your spam folder. If you’re in the habit of checking your spam folder thinking there may be something important there and stumble upon a phishing email, you might think it’s authentic and open it. Please refrain from doing so.
- Your Seller Central passwords need to be as ironclad as possible and keep updating them at least twice or thrice a year. Avoid using anything generic like your name, parents’ names, birthdates, place of birth, etc. What works best is to use password generators and disable the autofill and “remember me” options and use different passwords for different accounts.
- Another way to protect your Amazon Seller account is by using a VPN that can always be turned on. VPNs come with high levels of encryption that work towards keeping you safe from Amazon phishing scams.
- Aside from the technological aspect of it, make sure that you only share your account password with trusted people. If an account has more than one administrator, ensure that your administrators are trustworthy people who will not share your credentials with anyone else.
- As mentioned above, Amazon never asks for personal information, so keep that in mind while assessing any suspicious emails or calls.
How to report Amazon phishing?
When you spot an Amazon phishing email, Amazon advises you to report it. Many sellers often have this question – “How do I report phishing emails to Amazon?” The process is rather simple. All you have to do is send an email to firstname.lastname@example.org. While sending this email, ensure you attach the phishing email so that the header information is all there and that makes it easier for Amazon to track down the source of the phishing attack.
If the phishing attack was via phone, you need to report it and fill out the form there to provide Amazon with all ample information and details so that they can take action accordingly.
Amazon is a massive platform and phishing attacks act as a hindrance to its reputation. Both sellers and buyers face phishing attacks alike. There are multiple ways in which fraudsters can try and get to you.
With a view to helping you protect yourself and keep your account secure along with your funds, we have listed all the ways in which you can easily avoid phishing scams and attacks. Follow all the instructions mentioned above, remember the triggers and signs to watch out for, and always pay attention to detail. As long as you follow these steps, you can be sure that you are safe from or at least at a very low level of risk from phishing.