Amazon Prime Day scams: Here’s what to look out for
This Prime Day, millions of Amazon users are at risk of being scammed. With so many asking “Is Amazon safe?” it’s clear that understanding the different types of fraud targeting online consumers is necessary. Find out how to protect yourself when shopping on Amazon.
Table of Contents
Table of Contents
What is Amazon Prime Day?
Prime Day is a massive online shopping event organized by Amazon. During this event, Amazon Prime members can access exclusive deals and discounts. Launched in 2015 to celebrate Amazon’s 20th anniversary, Prime Day has grown into one of the biggest shopping events of the year.
Prime Day usually occurs around mid-July and lasts a couple of days. Like Black Friday and other yearly sales, it’s an opportunity for thousands of sellers on Amazon to slash prices and offer limited-time deals across various product categories, including electronics, home goods, and fashion. However, it’s also an opportunity for scammers to try to defraud excited consumers of their money.
The most common Amazon Prime Day scams
Many common scams target unsuspecting consumers and aim to steal personal information, financial details, or even actual funds. These tricks can take many forms, so shoppers need to be careful.
Phishing emails
Phishing emails frequently target shoppers during Amazon Prime Day with fake account security alerts or exclusive deals. These emails look official and may lead recipients to click on a link or download an attachment to resolve a problem or claim a deal. The links lead to fake websites that steal login credentials, personal information, or financial details.
To avoid falling for such scams, verify the sender’s address and avoid clicking on suspicious links. Instead, log in directly to your Amazon account through the official website to check for legitimate issues or offers.
Fake websites
Scammers create fake websites that mimic Amazon, using lookalike URLs to deceive shoppers during Prime Day. These sites often feature similar designs and logos, making them appear genuine. They lure users into entering their Amazon credentials, personal information, and payment details, which the scammers then steal.
To avoid these scams, it’s best to know how to identify fake websites. Always check the URL carefully for subtle differences and ensure it starts with “https://.” It’s safest to navigate directly to Amazon’s official site rather than clicking on links from emails or ads.
Unrealistic deals
Scammers also post unrealistic deals on high-demand items during Amazon Prime Day. Scammers advertise too-good-to-be-true discounts on popular products to lure shoppers. These deals often require immediate payment and may result in receiving counterfeit items or nothing at all.
To protect yourself, beware of excessively cheap items and check seller ratings and reviews before making a purchase. Stick to reputable sellers and compare prices with other sites to verify if the offer is legitimate.
Fake customer service calls or texts
Scammers also exploit the excitement of Amazon Prime Day through fake customer service calls or texts. Claiming to be from Amazon, they contact shoppers and ask them for personal information or payment details to resolve an issue with their account or order. The scammers may use spoofed phone numbers to call from to appear legitimate.
Never provide personal or financial information over the phone or through text messages to avoid falling for such scams. If you receive such a call or text, hang up and contact Amazon customer service directly through the official website to verify any issues.
How do Amazon phishing scams work?
Amazon phishing email scams usually involve a criminal sending an email to a potential victim, disguising the message as an official message from the company. Using Amazon’s trustworthy reputation as cover, the criminal then tries to extract money or valuable data from the target.
For example, a scammer might contact someone, pretend to be from Amazon, and tell them that their account has been locked as a security measure. To unlock it, the victim just needs to click a link in the email.
If the victim does click on the link, two things could happen. The link might attempt to infect their device with malware, or it might take the victim to a page designed to look like part of Amazon’s website. Here, the victim will be prompted to sign in to their account, and in the process, they’ll expose their login information to the hacker.
Phishing attacks come in various shapes and sizes, but they’re sure to spike on and around Prime Day.
How to spot an Amazon Prime Day scam
No matter how clever the scam is, everyone can recognize one if they know what to look for. It’s important to be mindful of telltale signs that could indicate a scam.
- Generic greetings, grammatical errors, and urgency in emails. Legitimate emails from Amazon are typically personalized and free from grammatical mistakes. Be suspicious of emails that address you with generic terms like “Dear Customer” or contain an urgent message pressuring you to act quickly. These could be signs of a phishing email.
- Misspelled website URLs and unprofessional design. Scammers often create fake websites with URLs that resemble Amazon’s but have slight variations or misspellings. These sites may also appear poorly designed or lack Amazon’s official site’s professional look and functionality.
- Prices significantly lower than market value. Unreasonably low prices on high-demand items should raise suspicion. Scammers use these offers to lure shoppers into making impulsive purchases without realizing they may receive counterfeit goods or nothing at all.
- Requests for personal or financial information. Amazon will never ask for sensitive information like passwords, credit card details, or Social Security numbers via email or phone. If you receive such a request, especially if the sender threatens to close your account or demands urgent action, it’s most likely a scam.
How can you protect yourself this Prime Day?
You deserve to shop online without the threat of cybercrime and fraud. While no magic bullet can keep you completely safe, you can start taking steps to raise your cybersecurity levels dramatically this Prime Day.
- Shop directly on Amazon’s website (amazon.com). For the safest shopping experience, stick to the official Amazon website (amazon.com). Shopping directly from the official platform minimizes the risk of encountering fraudulent sellers or counterfeit products.
- Be cautious of unsolicited emails and phone calls. If Amazon or another company contacts you and urges you to click a link or provide private information, you must verify the authenticity of these messages. You can do so by logging in to your Amazon account directly or contacting Amazon customer support through official channels.
- Verify the website’s legitimacy before entering any information. Before entering sensitive information like login credentials or payment details, check the website’s URL for “https://” and ensure it displays a padlock icon in the address bar. Watch out for misspelled domain names or unofficial domain extensions.
- Enable two-factor authentication (2FA). This feature enhances the security of your Amazon account. If your 2FA is enabled, you’ll be required to enter a verification code with your password when logging in from an unrecognized device or location.
- Monitor your bank statements and credit reports for suspicious activity. Regularly review them for unauthorized transactions or accounts opened in your name. Report any suspicious activity immediately to your financial institution to minimize potential damage.
- Read the reviews. When shopping on Amazon, it’s important to read the reviews on any vendor you plan to buy from. Which?’s investigation on fake reviews has reported that fraudulent sellers often pay for good reviews, so filter the customer feedback from worst to best, and check for recurring complaints among the one-star reviews. A few bad reviews are normal, but if you see multiple people flagging up a potential scam, that’s not a good sign.
- Use a VPN. You can also choose a NordVPN plan with Threat Protection Pro anti-phishing included. This powerful feature can check a website against a list of known malware distributors, and if it perceives a potential threat, it will stop you from accessing the risky site. This means that even if you click on a malicious link in a phishing email, you have an extra line of defense.
What to do if you fall for a Prime Day scam
If you find yourself in the unfortunate situation of falling victim to a Prime Day scam, it’s crucial to act swiftly to minimize potential damage. Follow these steps to report the incident and protect yourself.
- Report the scam to Amazon. Contact Amazon’s customer service immediately to report the incident. Provide details of the scam, including any communication or transactions involved.
- Report to relevant authorities. Contact consumer protection agencies or cybercrime units in your country. They may have specific channels or websites for reporting scams. In the US, you can file a complaint with the Federal Trade Commission (FTC) through its online complaint assistant at ftc.gov/complaint. Include as much information as possible about the scam and any financial loss you’ve experienced.
- Monitor your financial accounts and credit reports. Check your bank accounts, credit cards, and other financial accounts for unauthorized transactions and immediately report the suspicious activity to your financial institution.
- Freeze your credit reports. Some countries have services for monitoring credit reports or offer similar protections against identity theft. Research what services are available locally. In the US, you can place a freeze on your credit reports with the major credit bureaus (Equifax, Experian, TransUnion) to prevent identity thieves from opening new accounts in your name. You can unfreeze your reports temporarily or permanently when needed.
- Change passwords and update security settings. If you share your Amazon account or any personal information with scammers, change your Amazon password immediately. Enable additional security settings such as two-factor authentication.