If you’re shopping online this holiday season, beware; there’s a new scam that could affect you.
Popular online shopping destination Amazon.com has been targeted by scammers phishing for your personal and financial information.
In the Amazon scam, bogus emails like the one below are purportedly sent by Amazon with the subject line “Your Amazon.com order cannot be shipped.”
Claiming there’s a problem processing orders, the message says, “You will not be able to access your account or place orders with us until we confirm your information.”
A “click here” link leads to an authentic-looking page (like the one below) to confirm your name, address and credit card information.
After entering the information and clicking on a “save and continue” button, you’re secretly redirected to Amazon’s actual website. You continue to browse or exit, completely unaware you just gave scammers everything they need to go on a holiday shopping spree of their own…at your expense!
What to do. What not to do.
Local law enforcement and consumer advocacy groups including the Better Business Bureau and American Association of Retired Persons (AARP) urge, don’t take the bait! As AARP reminds us, you should never click on an embedded link from Amazon or any other company. If you receive an email purporting to be from Amazon look for the following:
- The scam e-mail subject line will say “Your Amazon.com order cannot be shipped.”
- If the “from” line in the e-mail contains an Internet Service Provider other than @amazon.com, the e-mail is not from Amazon.
- If you get an e-mail like this from Amazon (or any other online retailer), don’t click on the link!
- If you’ve recently ordered from Amazon and are concerned about missing an authentic update, use your web browser to independently (not through the e-mail) log in to Amazon.com and check under “Your Orders” to see if the e-mail’s details match any of your order information. If they don’t match, the message isn’t legitimate, notes Amazon.
- If you receive a fake Amazon email, don’t just ignore it. Report it to the company by forwarding the whole message as an attachment to [email protected].
