Amazon Prime members are reporting fake email receipts like the one below, with links to a fake or phishing Amazon website that steals account credentials, personal and financial information. If the links in the fake emails are clicked, recipients will be taken to a fake Amazon page where they will be asked to re-enter their name, address, and credit card information. And, if they do, all that information will be sent to the cybercriminals behind the scam. Therefore, if you think you have been tricked by the same scam, please change your Amazon password and contact Amazon and your bank immediately.
An Amazon Prime Email Scam
Subject: Your Amazon.com order cannot be shipped.
There was a problem processing your order. You will not be able to access your account or place orders with us until we confirm your information. Click here to confirm your account."
Amazon will never send you an unsolicited email that asks you to provide sensitive personal information like your social security number, tax ID, bank account number, credit card information, ID questions like your mother's maiden name or your password. If you receive a suspicious email, report it immediately.
Suspicious emails or webpages not from Amazon.com often contain:
- An order confirmation for an item you didn't purchase or an attachment to an order confirmation - Note: Go to Your Orders to see if there is an order that matches the details in the email. If it doesn't match an order in Your Account, the message isn't from Amazon.
- Requests for your Amazon.com username and/or password, or other personal information
- Requests to update payment information - Note: Go to Your Account and select Payment options. If you aren't prompted to update your payment method on that screen, the message isn't from Amazon.
- Links to websites that look like Amazon.com, but aren't Amazon
- Attachments or prompts to install software on your computer
- Typos or grammatical errors
- Forged email addresses to make it look like the email is coming from Amazon.com- Note: If the "from" line of the email contains an Internet Service Provider (ISP) other than @amazon.com, then it's a fraudulent email.