In a critical alert sent earlier this month, Amazon has warned its 200 million customers worldwide about a sophisticated scam involving fake emails impersonating the company. The emails, which falsely claim that customers’ Amazon Prime subscriptions are set to auto-renew at an unexpected price, are part of a growing wave of phishing attacks targeting the e-commerce giant’s massive user base. Amazon’s alert, sent to all registered customers, underscores the increasing audacity of scammers exploiting the trust associated with the Amazon brand.
Malwarebytes, a cybersecurity firm that has identified and blocked phishing sites like amazons.digital, which mimic Amazon’s official platform. Amazon has reported a surge in scam attempts, including fake messages about Prime membership renewals, fraudulent refund offers, and phone calls claiming accounts have been compromised. These tactics prey on customers’ trust and urgency, aiming to extract sensitive information under the guise of resolving account issues
According to Amazon, the fraudulent emails often include personal details about recipients, likely obtained from external sources such as social media or the dark web, to appear legitimate. These emails typically contain a “cancel subscription” button that directs users to a fake Amazon login page. Once victims enter their credentials on these counterfeit sites, scammers gain access to their Amazon accounts, enabling unauthorized purchases or even access to other online accounts that share the same login details. In some cases, the fake websites also prompt users to input payment information and other sensitive data, which scammers can quickly exploit or sell.
To help customers stay safe, Amazon and cybersecurity experts have outlined several protective measures. First, customers are urged never to click links in unsolicited emails. Instead, they should verify messages by checking the Message Center in their Amazon account, where legitimate communications from the company are logged. Amazon also encourages users to report suspicious emails, whether they’ve fallen for the scam or not, to help track and combat these threats. Enabling two-step verification (2SV) on Amazon accounts is another critical step, adding an extra layer of security to prevent unauthorized access, even if login credentials are compromised.
Experts also recommend using tools like Malwarebytes’ Digital Footprint Scanner to identify and remove personal information exposed online, reducing the risk of scammers leveraging such data. Installing web protection software can further safeguard against phishing sites and other malicious threats. For those who may have fallen victim, immediate action is crucial: change your Amazon password, update passwords for any other accounts using the same credentials, and monitor bank statements for unfamiliar charges. If suspicious activity is detected, contact your bank promptly to mitigate potential losses.
Amazon’s proactive warning highlights the ongoing battle against cybercrime targeting its global customer base. By staying vigilant and following these guidelines, customers can protect themselves from falling prey to these deceptive scams.
Please follow us on Facebook and X for more news, tips, and reviews. Need cord cutting tech support? Join our Cord Cutting Tech Support Facebook Group for help. You can find Luke on X HERE.