Amazon.com’s Prime day (which is actually two days) hits this week. Each year, the e-commerce behemoth offers discounts on a wide range of products, from smart home devices to decidedly more niche products. It also presents a golden opportunity for scammers who already consistently target Amazon’s customers.
Here are a few of the most common Amazon.com scams and how to avoid them:
- Phony shipping status texts: A common scam sends SMS-based phishing, or smishing, messages to victims alerting them of an update to their pending shipment that can be accessed via a shortened link. The link itself may redirect the target to malware, or to a phony login page designed to capture their Amazon.com credentials or payment information.
The takeaway: Go directly to Amazon.com, or the shipping service (e.g. Fedex.com) to check for updates. Never click on a link from an unsolicited text, even if you are expecting a shipment.
- “There’s a problem with your order” emails: Scammers have also retooled familiar phishing email methods to specifically target Amazon.com customers. One of the more common schemes involves sending a perfect (or near-perfect) facsimile of an Amazon.com customer service email alerting the target to a problem with an order, typically with the payment method.
Victims who click on the link are often brought to a spoofed Amazon.com login page to enter their login credentials and payment information. From there, the scammer can use the captured data in a variety of ways. They can buy big-ticket items on the targeted account and re-sell them (gift cards are virtually untraceable and are a favorite for money laundering), they can check if login credentials match other accounts (called credential stuffing), or they can simply gather personal information from their target’s shopping history, including shipping addresses of friends and family, to commit more identity-related crimes.
The takeaway: Look for telltale signs of phishing or spoofed emails, including blurry or fuzzy logos, strange misspellings, or indications that the sender isn’t fully fluent in English. Always double check the sender’s email address and the URL of any website — scammers will often use seemingly related domain names like amazonshipping.com or amazon.shippinghelp.com to deceive victims into thinking they’re visiting an authentic site. Rather than clicking links in emails, log in directly to your Amazon.com account and check to see if there are notifications for your account.
- Unrealistically low prices: Some scams work within Amazon.com itself to snare their targets. Scammers will often create external seller accounts on Amazon and offer extreme discounts on popular items, which are perfect lures for bargain-hungry shoppers on Prime Day.
Once a victim pays for the item, they’ll either receive a shoddy imitation or, more commonly, nothing at all. The victim will then be faced with the choice of either paying international shipping costs to receive a refund, or to deal with Amazon.com’s own Byzantine system of reporting fraudulent or misleading sellers. Many victims will simply decide that the hassle isn’t worth following up on, especially for a relatively small amount of money.The takeaway: If a price looks too good to be true, it is. Avoid the urge to impulse buy an item at an unrealistically low price point. Be sure to pay with credit cards, which usually have easier processes for disputing charges or reporting fraud.