Amazon warns 200 million Prime customers that scammers are after their login info

Amazon warns 200 million Prime customers that scammers are after their login info

Amazon has sent out an alert to its 200 million customers, warning them that scammers are impersonating Amazon in a Prime membership scam.

In the email, sent earlier this month, Amazon said it had noticed an increase in reports about fake Amazon emails:

What’s happening:

Scammers are sending fake emails claiming your Amazon Prime subscription will automatically renew at an unexpected price.

The scammers might include personal information in the emails, obtained from other sources, in an attempt to appear legitimate.

These emails may also include a “cancel subscription” button leading to a fake Amazon login page.

Once someone clicks on the “Cancel’ button, they are taken to a fake Amazon login screen. Once they login there, the scammer then has their details that they can use to login to the actual Amazon site and purchase things, as well as login to any other online account that uses the same credentials.

The fake site might also request payment information and other personal details which, when entered, will go straight to the scammer who will be quick to use or sell them on.

Amazon’s customer base is so large that they are a target all year long. Amazon said its staff had handled cases including fake messages about Prime membership renewals, bogus refund offers, and calls claiming Amazon accounts have been hacked. At Malwarebytes, we’ve seen emails pretending to be from Amazon that tried to drive customers to fake websites like amazons.digital, a site we block for phishing.

Amazon warns 200 million Prime customers that scammers are after their login info 2

How to avoid falling for an Amazon scam

  • If you receive an email like this, don’t click on any links.
  • Not sure if a message is from Amazon or not? You can check by going to the Message Centre under Your Account. Legitimate messages from Amazon will appear there.
  • Report the scam to Amazon itself, whether you’ve fallen for it or not.
  • Set up two-step verification for your Amazon account. This puts an extra barrier between you and the scammers if they do manage to get hold of your login details.
  • Like in this particular scam that Amazon is warning about, scammers sometimes include personal details about you which they have got from other sources (such as social media, the dark web, etc.). Check what information is already out there about you using our free Digital Footprint Scanner and then remove or change as much of it as you can.
  • Install web protection that can warn you of phishing sites, card skimmers, and other nasties that could lead to your data being taken.
  • Lastly, if you’ve fallen for this or a similar scam, change your Amazon password and anywhere else you use that password. Also, make sure to monitor your card statements for any unfamiliar charges, and contact your bank immediately if you see anything suspicious.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.


Source link