Top Amazon scams to avoid in 2023

Amazon scams use every trick in the book to convince you they’re genuine. Here are some of the most common attempts we’ve seen so far.

    Amazon parcels on a conveyor belt

    BY GEORGE MARTIN

    LAST UPDATED 14 MARCH 2023

    Amazon scams are big business, with fraudsters frequently impersonating the e-commerce giant due to its huge customer base, brand familiarity and global presence. 

    With millions of customers and subscribers to its Prime delivery and video service, fraudsters regularly target Amazon customers (and the wider public) with cold calls and a variety of different phishing emails in attempts to capture sensitive personal information, including your bank and card details.

    This is a round-up of some of the most common Amazon scam attempts spotted recently. We explain how you can spot the phoney cold calls, recognise the fake emails and keep your Amazon account secure.

    AMAZON PRIME COLD CALL SCAMS

    An extremely common nuisance call posing as Amazon has been plaguing the UK for years – its goal is to connect you to a fictional ‘account manager’ and often involves the installation of remote access software on your device, which gives the scammer control.

    The call is initially automated (sometimes known as a ‘robocall’), with an electronically generated voice telling you that your subscription to Amazon Prime is about to be ‘renewed’ – the figure quoted for this fake renewal is often £39.99, though scammers may change their tactics now that Amazon has hiked its own prices.

    The voice goes on to tell you to ‘press 1’ in order to be connected with someone who can supposedly stop the renewal from taking place. But it’s all a ruse – the person you’re connected with will begin the process of extracting your personal information, such as bank details and passwords, and implore you to install the software that will allow them to take control of your device.

    How can you tell if a call from Amazon is genuine? Amazon will never ask you to disclose or verify sensitive personal information. It states that it will not offer a refund you do not expect and is imploring customers to report suspicious activity involving its brand.

    In depth: What is the Amazon Prime ‘renewal’ scam call and how does it work?

    An Amazon spokesperson said: “Scammers that attempt to impersonate Amazon put our customers and our brand at risk. Although these scams take place outside our store, we will continue to invest in protecting customers and educating the public on scam avoidance. 

    “We encourage customers to report suspected scams to us so that we can protect their accounts and refer bad actors to law enforcement to help keep consumers safe. Please visit our help pages to find additional information on how to identify scams(opens in new tab) and report them.(opens in new tab)

    FAKE AMAZON ‘LOCKED ACCOUNT’ EMAIL

    Fake emails using convincing Amazon branding were reported throughout 2022. The emails tell the recipient that their Amazon account has been ‘locked’, and that they must take urgent action to verify it. 

    The emails provide a convincing-looking button designed to take you through to a website that has nothing to do with Amazon.

    Fake websites like this pose as the brand they purport to be from and encourage you to enter your log-in information and/or card details into a fake log-in screen or form. Once you’ve done this, the scammers will be in possession of the information you entered.

    You can often spot phishing emails by taking a moment to assess the communication. An email may appear genuine at first glance, but has it arrived from a genuine Amazon email address? Does the text of the email contain spelling and grammatical errors? Is it linking to a website that isn’t Amazon’s usual domain name?

    FAKE AMAZON ‘ORDER’ EMAIL

    Operating in exactly the same way as the fake ‘locked account’ email, scammers will also send fake emails confirming an ‘order’.

    The scammers are relying on you becoming panicked by being charged for an order that you didn’t place and are hoping that you’ll click through to their fake site directly via the email.

    But once again you should take the time to assess the email before making any rash decisions. Visit the official Amazon site via a separate browser window and log in to your account in the usual way – are there any orders on your account that match what the email is telling you?

    If not, the email is almost certainly fake. However, if you’re unsure, contact Amazon via the official site (not the suspicious email) and ask it to clarify.

    An Amazon spokesperson said:

    “We’ve introduced email verification technology for emails sent by Amazon to protect customers from phishing scams. For customers with email clients supporting the technology, including many of the large providers – Gmail, Yahoo!, and AOL – emails from Amazon will now include our ‘Smile’ logo in thumbnails, indicating that they’ve passed security checks. If customers see the ‘Smile’ logo next to emails coming from an @amazon.co.uk sender, that will indicate that the email is genuinely from Amazon.”

    Before:

    After:

    AMAZON GIFT CARD SCAM

    Another common phishing email tactic is to notify a potential victim that they’ve won a ‘gift card’ or some sort of ‘reward. In July 2022, Action Fraud said it had received nearly 300 reports of the fake gift card emails, with the links included in them leading to phishing websites designed to steal personal and financial information.

    Amazon will not suddenly offer you a gift card out of the blue. Inspecting these emails closely will likely reveal additional hallmarks of a fake email in the same style as the ‘locked account’ and ‘delivery’ attempts.

    Amazon has more information about how to spot Common Gift Card Scams(opens in new tab).

    FAKE AMAZON TEXTS

    While not as common as other Amazon scam attempts, occasionally fraudsters will attempt to lure you to fake websites via SMS text message.

    Like the phishing emails, these sites link to a website that has nothing to do with Amazon, which will likely ask you to enter sensitive information, such as your Amazon password.

    Amazon says it will never ask for your password or personal information by text message. If you’ve received a text message like this, do not follow the link and instead check if there’s an issue with your account with Amazon via its official channels.

    FAKE AMAZON UNCLAIMED PACKAGES

    Fake ads have been spotted on Facebook recently, offering to sell unclaimed Amazon packages at huge discounts.

    It may say “It’s the best time of the year to buy Amazon unclaimed packages”, and refer to “amazing value”. It may also say: “If they go unclaimed for 3 months, we sell them at 80% off!”

    To be fair, Amazon does have lots of unwanted and returned items, so some people could fall for it and click on it.

    However, we asked Amazon about the adverts and they said they looked like a scam and confirmed that they were not associated with Amazon.

    If you see one of these posts on your Facebook newsfeed, do not click any links or attempt to make a purchase. If you do, you may pay for merchandise that never arrives, give your credit/debit card info to a scammer who will use it to drain your account, and/or possibly download malware onto your computer or mobile device.

    If you’re wondering where all the unwanted and returned items go, Amazon works with liquidators in Europe and the US to sell the stock. 

    AMAZON ‘BRUSHING’ FRAUD

    ‘Brushing’ is a process in which sellers on Amazon’s marketplace send people packages that they didn’t order. The purpose of this is so they can use the fabricated ‘transaction’ to leave themselves positive reviews, boosting their seller rating/scores and making themselves appear popular and trustworthy.

    The issue of ‘brushing’ has been widely reported across the media with millions of UK households potentially affected.

    Amazon says that the packages are being sent to publicly available names and addresses, so while there’s no obvious sign that your personal data has been breached, and that this isn’t a ‘scam’ in the traditional sense, the unsolicited packages can quickly become a nuisance with some households inundated with unwanted items.

    According to Amazon, third-party sellers are prohibited from sending unsolicited packages to customers. Amazon says that these deliveries should be reported immediately via its Customer Service, but there’s no need to return the item.

    Amazon says(opens in new tab) it will take appropriate action against those that violate its policies. This could include suspending or removing selling privileges, withholding payments and even working alongside the police.

    An Amazon spokesperson said: “Third-party sellers are prohibited from sending unsolicited packages to customers, and we take action when our policies are violated, including by withholding payments, suspending selling privileges, and reporting bad actors to law enforcement.

    WHAT TO DO IF YOU’VE BEEN SCAMMED

    If you think you may have given your banking/card details away to scammers then you should let your bank know what’s happened immediately by calling it on its official fraud number.

    The bank should work with you to get your money back after a scam, but this will vary depending on how the scammer stole your money. Here’s everything you need to know about recovering your money after a scam.

    You should also report the incident to Action Fraud(opens in new tab).

    TWO-FACTOR AUTHENTICATION

    Amazon accounts support two-factor authentication, which adds a vital layer of extra security to your account when you log in.

    With two-factor authentication enabled, Amazon will request that you also enter a security code after entering your password. This security code is sent by text message to your phone or can be generated via your own authenticator app.

    Amazon’s guide to two-factor authentication(opens in new tab)

    This will ensure that even if someone has gained access to your password, they still will not be able to proceed without the security code.

    Experts recommend that you switch on two-factor authentication for any of your accounts where it’s an option, but especially accounts which hold sensitive information.

    HOW TO REPORT AMAZON SCAMS

    Amazon has a dedicated page explaining how you can report suspicious phone calls, emails or text messages:

    For ‘Brushing’ fraud specifically, it encourages you to report to its Customer Service.

    Outside of Amazon directly, phishing emails can be reported to the National Cyber Security Centre (NCSC) on report@phishing.gov.uk(opens in new tab) 

    The NCSC can then work to remove the fake websites that phishing emails link to.

    Amazon has recently issued advice via email to customers containing the following four rules to follow if you’re unsure about a communication you’ve received:

    1. Never feel pressured to give information (such as your credit card number or account password) over the phone, especially if the call was unexpected.
    2. Never pay over the phone. Amazon will never ask you for payment over the phone.
    3. Trust Amazon-owned channels: always go through the Amazon app or website when seeking customer support.
    4. Be wary of false urgency: be wary if something tries to convince you to ‘act now’.