Identify Fake Amazon Email
You might have received a somewhat suspicious email from Amazon telling you that urgent action is necessary and that you need to follow the enclosed link to rectify the issue. Usually, this fake Amazon email arrives late at night, when you have had a hard day, in the hope that you will let your guard down and give the scammers your login credentials through a spoofing website (Wikipedia). Normally the scammers also try to give you the impression that the email actually came from Amazon with the help of a spoofed email address.
Recently I received such a scammy email myself and I would like to help you protect your Amazon account. Below is an example of the fake Amazon email in German that I received, but the same is true for any other language. I am going to dissect each part of it bit by bit to show you why it is fake.
So how do you identify fake Amazon emails?
Ihr Nutzerkonto wurde eingeschränkt!
Sehr geehrte Kundin, sehr geehrter Kunde,
um stets die gewohnte Sicherheit von Amazon gewährleisten zu können, arbeiten wir konstant an unserem Sicherheitssystem.
Leider müßen wir Ihnen mitteilen, daß wir verdächtige Aktivitäten im Zusammenhang mit Ihrem Amazon-Konto festgestellt haben.
Aus Sicherheitsgründen haben wir Ihr Konto, um einen möglichen finanziellen Schaden zu verhindern, vorerst eingeschränkt.
Um Ihr Konto wieder gewohnt nutzen zu können, ist eine kurze Identitätsprüfung notwendig.
Dadurch wollen wir sicherstellen, daß Sie der rechtmäßige Inhaber dieses Kontos sind.
Wir entschuldigen uns für mögliche Unannehmlichkeiten und hoffen auf Ihr Verständnis.
Mit freundlichen Grüßen,
Ihr Team der Amazon.de Kontosicherheit
Dies ist eine automatisch versendete Nachricht.
Bitte antworten Sie nicht auf dieses Schreiben, da die Adreße nur zur Versendung von E-Mails eingerichtet ist.
© 1998-2017, Amazon.com, Inc. oder Tochtergesellschaften
The general appearance looks unprofessional and the layout is poorly formatted.
Links appear to be broken and/or another website such as “saved.im” is used to host the Amazon logo, e.g. <http://saved.im/mtgymti3atzv/amazon-logo_v175169556_.gif>. Amazon have their own servers and they would never use an outside company to provide their links.
Try to spot any typos: “Adreße”, meaning address, is spelt “Adresse” in German. As an Amazon customer, you can expect perfect grammar and spelling.
Use of URL shorteners like bit.ly, e.g. <http://bit.ly/2q02obR>. Besides being a huge online retailer, Amazon also maintains one of the biggest cloud infrastructures in the world. They do not need to rely on an outside party to forward their links.
All links must originate from an official Amazon domain, e.g. xyz.amazon.com, xyz.amazon.de or xyz.amazon.co.uk. Here xyz stands for a subdomain, but the main domain must always be something like amazon.com or amazon.fr. If it is not, the website is a phishing attack. This is an example of a fake website that is trying to get your password via phishing: http://security-amaz-on.com/
Is there an attachment? Do not open it; the email is most likely fake if you don’t expect one.
The email urges you to log into your account to verify your data because of some issue, in order to put you under pressure.
Spot a phishing site. A fake website usually has no functionality other than a login. The login page is usually an exact copy of the original. You can’t browse the whole Amazon store under that fake domain because that would be too much work for the scammer.
[Similar to above. If you are already on a suspicious website, see if it has all the characteristics of an Amazon site, but do not enter any details, even if in doubt.]
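The link checks above (third-party hosts, URL shorteners and the official-domain rule) can be applied mechanically to every link in a message. The following Python code is an added example, not part of the original article; the allowlist, the shortener list, the function names and the sample links that are not quoted in the article are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist: the Amazon domains the article names; extend for other marketplaces.
OFFICIAL_DOMAINS = {"amazon.com", "amazon.de", "amazon.co.uk", "amazon.fr"}
# Assumed, non-exhaustive shortener list; the article names bit.ly.
SHORTENERS = {"bit.ly"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def _matches(host, domains):
    # Exact match or a true subdomain: the "." stops "notamazon.de" matching "amazon.de".
    return any(host == d or host.endswith("." + d) for d in domains)


def classify_link(url):
    """Return 'official', 'shortener' or 'suspicious' for one link."""
    if "\\" in url:  # browsers read "\" as "/", urlsplit does not: refuse to guess
        return "suspicious"
    try:
        parts = urlsplit(url)
        # .hostname lowercases and drops "user@" and ":port", so a link such as
        # https://www.amazon.de@login.example/ is judged by login.example.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:  # malformed URL
        return "suspicious"
    if parts.scheme not in ("http", "https") or not host:
        return "suspicious"
    if _matches(host, OFFICIAL_DOMAINS):
        return "official"
    if _matches(host, SHORTENERS):
        return "shortener"  # real destination is hidden: treat as untrusted
    return "suspicious"


def audit_email(body):
    """Map every http(s) link found in an email body to its verdict."""
    links = (m.group(0).rstrip(".,;)") for m in URL_RE.finditer(body))
    return {link: classify_link(link) for link in links}


# Constructed sample body: the first three links are quoted in the article,
# the remaining three are made up to show look-alike hosts and a genuine one.
SAMPLE = """Logo: <http://saved.im/mtgymti3atzv/amazon-logo_v175169556_.gif>
Verify now: http://bit.ly/2q02obR or http://security-amaz-on.com/
https://amazon.de.account-check.example/login
https://www.amazon.de@login.example/
Real store: https://www.amazon.de/your-account"""

if __name__ == "__main__":
    for link, verdict in audit_email(SAMPLE).items():
        print(f"{verdict:10} {link}")
```

Only the last link in the sample is classified as official; the host is always compared from the right, so an Amazon name placed at the start of a hostname or before an "@" does not count.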
What can you do?
- Don’t panic. If there is really an issue with your account Amazon will usually allow a reasonable time to respond.
- If it is late at night, take another look at the email in the morning.
- Type the Amazon domain directly into your browser, so you know that you are really on their website and not on a scammy one. You will find all your messages from Amazon under Your Account > Message Centre.
- Forward the suspicious email to email@example.com. They will take care of it, but you will most likely not get a response.
- If you are still unsure, give them a call to verify the email.
- In case you gave your logins to the fraudulent website, you need to change your password immediately and contact Amazon and, if necessary, also your bank.
- Should the scammer be so stupid as to abuse Amazon’s Cloud products, e.g. if a link inside the email uses the domain amazonaws.com, you can report them at firstname.lastname@example.org or here.
- Delete and report as spam. If you fell victim to the scam it may be better to hold on to the email as evidence to help the police, bank and Amazon investigate.