There are many email scams themed around Amazon and Amazon Prime. Featured is a typical phishing scam received by a Hampshire resident. There are several ways of spotting a scam, some obvious, some not so. In this case, the resident does not have an Amazon or Amazon Prime Account, which put the recipient on alert immediately.
The email purports to come from Amazon ‘Prime Support Team’ and is titled ‘Notification alert from Asisstant Amazon’, the word ‘Alert’ is used to add urgency to the message (note misspelling of assistant).
The email starts by telling the ‘Amazon Customer’ (note, not personally addressed) that action has been taken to put all pending orders and their account on hold due to a billing problem. It then asks the recipient to resolve the problem by clicking on the link provided, and to give the required information.
The paragraph after the link is designed to make the recipient take action. There is a change of tone and font colour. A deadline is given, and consequences of not taking action are outlined. The sender wants to keep the recipient in the email, and for them not to go into their account, so there is a demand not to open another account.
To finish, the email ends in a polite manner, designed to reassure and praise the recipient by doing the right thing and taking security seriously.
The Email Scam
Typical scam errors and tactics
Revealing the sender
By hovering over the email address with the mouse, or by hold and release on a touch screen, the sender's true address, here circled in red, is revealed. Obviously not Amazon:
Revealing the link
The scammer wants the recipient to click on the yellow ‘update now’ button. By hovering over the yellow box with a mouse, or by hold and release on a touch pad, the true destination will be shown. In this case not to Amazon, but to a different website, here circled in red (note, this website closed after 3 days):
Some scams emails are fairly convincing, they are constantly changing. However, they are all designed to trick the recipient into responding. That might be by trying to worry the recipient into responding, or to bait them into responding with a tempting offer or reward.
Look for the warning signs:
- Is the sender known? If not, treat with caution
- Use the methods above to check who the real sender is. Sometimes, the email can appear to come from the recipient’s own email address, definitely a scam attempt
- Is it likely that the sender would make contact in this way?
- Check for spelling and grammatical errors
- Is there a sense of urgency about the email? Is it threatening, is it offering a reward, is there a time limit?
- Never click on links from unknown sources. Use the methods above to check the link details
- If concerned, do not use the link given in emails. A safer way is to come out of the communication, and go to your account though your own browser or via an App
- Stop, take your time, think, don’t panic, ask a trusted friend
- If in any doubt, do not respond
Scam emails can be reported to Action Fraud - Tel. No: 0300 123 2040. If card or bank details have been revealed, then speak to your financial institution immediately.
To report scams or to obtain advice, contact our partners at the Citizens Advice Consumer Service on 0808 223 1133 (please note that this service is receiving a higher than average number of calls at present).