EXECUTIVE SUMMARY:

Since last year, Amazon scam emails have increased by 500%. The online retailer’s popularity has transformed it into an attractive target for phishers.

Among the latest schemes? Fake Amazon cancellation emails, which arrive in your inbox despite the fact that you may not have purchased anything at all from the company.

Avoid clicking on fake messages and falling for scams. Here’s what to know.

Fake Amazon cancellation emails

Fake Amazon cancellation emails can appear sophisticated or clumsy – it depends on the cyber criminal or criminals behind the campaign.

Either way, unsuspecting users may accidentally click on an in-email link in order to learn more about the supposed cancellation.

The link is the trick. Phony links can lead to fraudulent web pages or can result in inadvertent malware downloads.

Sample fake Amazon cancellation email

A fake email might read as follows and may even include an Amazon logo:

Dear Customer,

Your order has been successfully canceled. For your reference, here’s a summary of your order.

Your canceled order is #4254-3333345-938d37274

            Click here for more information

Status: CANCELED

While a cancellation email might appear legitimate, go to your actual Amazon.com account to confirm the authenticity of the email. After investigating your order history, if you’re still unsure about the email, reach out to an Amazon customer service representative.

Other fake Amazon emails

Fake cancellation emails aren’t the only online piranhas to watch out for. Cyber criminals also distribute fake emails pertaining to shipping, technical details, account updates, and payment verification, among other topics.

How to avoid the fakes

  1. Genuine Amazon emails only come from a handful of specific email addresses (@amazon.com or @amazon.[specific international location], as listed below):
  • co.uk
  • de
  • es
  • fr
  • it
  • lu
  • com.au
  • com
  • ae
  • amazon.com.au
  • sa
  • amazon.com
  • amazon.cn
  • amazon.ca
  • amazon.com.mx
  • amazon.com.br
  • amazon.co.uk
  • amazon.sg
  • amazon.com.tr
  • com.tr
  2. Search the email for grammatical or typographical errors. Some phishing emails are still translated from other languages without being proof-read.
  3. Look for incorrect address information within the email. For example, is the street name missing?
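
The sender-domain check from the first tip, as an added Python example (not from the original article): it compares the domain of the From address exactly against the domains listed above and flags messages that mention Amazon only in a longer domain or in the display name. The function names, result labels and sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Suffixes from the article's list; entries given there as "amazon.<suffix>"
# and as bare suffixes are merged into one set of full domains.
SUFFIXES = ("com", "co.uk", "de", "es", "fr", "it", "lu", "com.au", "ae", "sa",
            "cn", "ca", "com.mx", "com.br", "sg", "com.tr")
LISTED_DOMAINS = frozenset("amazon." + s for s in SUFFIXES)


def parse_sender(raw_message: str) -> tuple[str, str]:
    """Return (display_name, domain) from the From header, lower-cased."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    local, at, domain = addr.rpartition("@")
    if not (local and at and domain):
        return name.lower(), ""
    return name.lower(), domain.rstrip(".").lower()


def classify_sender(raw_message: str) -> str:
    """Classify the visible sender against the article's domain list.

    listed     - domain is exactly one of the listed Amazon domains
    lookalike  - not listed, but the domain or display name mentions Amazon
    unrelated  - not listed and makes no Amazon claim
    no-sender  - From header missing or unparseable
    """
    name, domain = parse_sender(raw_message)
    if not domain:
        return "no-sender"
    if domain in LISTED_DOMAINS:      # exact match, never a substring test
        return "listed"
    if "amazon" in domain or "amazon" in name:
        return "lookalike"
    return "unrelated"


# Constructed sample messages (not real mail); *.example domains are placeholders.
SAMPLES = {
    "genuine-looking": 'From: "Amazon.com" <order-update@amazon.com>\nSubject: Order\n\nbody',
    "suffix-trick": 'From: Amazon <cancel@amazon.com.orders-help.example>\nSubject: Canceled\n\nbody',
    "display-name": 'From: "Amazon Support" <support@mail-notify.example>\nSubject: Canceled\n\nbody',
    "name-as-address": 'From: "orders@amazon.com" <billing@mail-notify.example>\nSubject: Hi\n\nbody',
    "unrelated": 'From: news@shop.example\nSubject: Sale\n\nbody',
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:16} -> {classify_sender(raw)}")
```

A `listed` result only describes the visible From header, which a sender can forge, so confirming the order in your Amazon account remains the deciding check.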

If you find a faux-Amazon email, consider reporting it on Amazon’s “Report Something Suspicious” page.

The magnitude of the problem

According to the US Federal Trade Commission, Amazon.com is among the most frequently impersonated businesses. From June 2020 through June of 2021, more than 96,000 individuals reported being targets of Amazon.com-related scams.

More than 6,000 of those individuals stated that they lost money to scammers – an average of $1,000 per individual.

If you become a victim…

If you become a victim of an Amazon-related phishing campaign and experience financial theft, reach out to your bank or credit card company, as it may be possible to dispute the charges.

When it comes to Amazon emails that could be phishing schemes, ensure that you verify the authenticity of the emails through appropriate channels.

Share phishing prevention tips with your colleagues and contacts. Discover 14 phishing red flags here. In addition, see CyberTalk.org’s past coverage pertaining to the 10 top anti-phishing best practices.

Understanding the latest trends can help you protect your organization. Get additional phishing-related insights throughout this week during #Phishingweek2022 – Feb 28th through March 4th.