Fake Amazon Order Confirmation & Remove Your Info
If you’re an Amazon customer and do a lot of shopping on the site, you probably get order confirmations all the time. But what if one pops up in your inbox when you haven’t just bought something? What if this alleged purchase is going to a different address in another part of the country?
Seems like the kind of thing you should get on top of right away. Cancel the order ASAP and get to the bottom of how it was placed in the first place. This is a totally normal reaction, and that’s why the fake Amazon order confirmation scam is so effective.
Don’t do anything with that Amazon confirmation email before reading on. Learn how to spot a fake Amazon order confirmation, what to do when you get one, and what you should do if you’ve already fallen for this scam.
Is that Amazon order confirmation email a scam?
The short of it is that if you’ve received an order confirmation email from “Amazon” that didn’t come from the amazon.com domain, then yes, this is a fake Amazon email and it’s a scam.
This scam creates a sense of urgency if not outright panic. Once you’re on the hook, the scammers can install malware onto your device or get you to give up sensitive personal information, like your Amazon account information and credit card details or other payment information.
Scammers can use this and other sensitive information they get from you and your device to take over your Amazon account, charge purchases to your credit card, or even steal your identity.
How to spot the scam
A fake Amazon email is easy enough to spot if you’re on the lookout for the telltale signs. These fake Amazon order confirmation emails have been around for years and are always evolving, so treat any red flags you find seriously.
See how many you can spot yourself. Here are a couple of real examples:
Here are some of the biggest red flags that you’ve got a fake Amazon order confirmation on your hands:
- The email comes from an unknown address, one that’s different from the usual confirmations you get from Amazon.
- The sender’s email address ends in anything other than @amazon.com—although this can be spoofed, so you’re not automatically in the clear if it does.
- Links don’t go to URLs belonging to the amazon.com domain (hover your mouse over a button or link to see where it leads).
- Spelling and grammar mistakes and sloppy punctuation—some scammers get this right, most don’t.
- A sense of urgency—this thing you didn’t order will be delivered soon. Time is running out if you want to cancel the order.
- Encouragement to call a phone number or click on buttons and links rather than visiting the Amazon website—Amazon customer service will rarely ask you to call them.
The biggest giveaway is the fact that whatever the email is telling you doesn’t appear on your Amazon account when you log in (by visiting www.amazon.com, not clicking on any links in the email). On this article you can read about some of the most popular Amazon scams.
What to do if you come across a fake Amazon order confirmation email
The short answer is: don’t click on anything in the email, call any phone numbers it contains, or interact with it in any other way.
The number could be a premium-line scam in addition to being a way to get your personal details from you. Links in the email likely go to phishing sites and attachments could be there to get malware onto your device.
Instead, log into your Amazon account by manually navigating to www.amazon.com and check for any notifications or suspicious orders there. If everything is fine in your account, then you know the Amazon order confirmation email you received is fake. For added peace of mind, check your bank account to make doubly sure nothing untoward has happened.
Report the email as a phishing attempt, if you have such an option, or mark it as spam. If doing this doesn’t automatically move the email to your spam or trash folder, do so manually.
Resist the urge to contact the scammers in any way. Scambaiters use throwaway accounts and virtual machines to engage scammers safely. Doing so from your actual telephone number or email account will at best flag that telephone number and email address as active, leading to more scams, spam, and phishing attacks being sent your way.
What to do if you fell victim to a fake Amazon email
Seeing big-ticket items on their way to someone else’s address at your expense is enough to raise anyone’s heart rate and cloud their judgment. If you’ve already fallen for this scam and gave up personal information like your credit card number, either over the phone or on a phishing website, there’s still a lot you can do to protect yourself after the fact.
Change your Amazon password
If you entered your Amazon password and username into any sites linked to the email you received or logged into your account on the real Amazon site after clicking on any links or attachments, you’ll need to change your Amazon password.
Use a different device if you clicked on anything in the email. Links and attachments in the scam email could have executed or installed malware on the device on which you opened the email.
Protect your finances
If you entered any credit card information or other payment details into a phishing site, downloaded any files, or opened any attachments, then take steps to protect your finances. Contact your bank and explain what happened. Keep an eye on your transaction history and credit card statements.
Deal with any malware
Whether using a computer with Windows or macOS, or a phone with Android or iOS, download reputable antivirus software and run a scan for malware. This is only strictly necessary if you followed any links from the email, opened any attachments, or visited any websites while following the scammer’s instructions over the phone.
Nevertheless, performing regular scans for malware is good practice and you should definitely do so regardless of whether you clicked on anything in a suspicious email. Windows users are particularly vulnerable, but the built-in Windows Defender software is quite good if kept up to date and activated.
Report the scam
Reporting the fake Amazon order email scam is the best and safest way to make life difficult for the scammers behind it. Spreading awareness about the scam and helping to amass evidence of wrongdoing will make the scam both riskier and less profitable over time.
Creating a paper trail of detailed reports of your experiences may also help you recover funds and deal with repercussions like identity theft down the line. Here are two great places to start:
- Contact Amazon: start here and follow the links to walk through the process step-by-step.
- File a complaint with the BBB: use the Better Business Bureau’s complaint form to raise awareness about this scam and warn others.
Begin the identity recovery process
If the scammer got your Social Security number and/or a lot of other personal data, then they may have enough information to not only gain access to your accounts but to steal your identity as well.
The Federal Trade Commission’s identity theft portal will guide you through the identity recovery process and provide you with resources to help you on your way.
Do you want to know about more Amazon scams to be aware of? Check out these guides: