Penetration testing, also referred to as pen testing, is a simulation of a cyber attack that organizations conduct to identify security vulnerabilities within their systems. By
Amazon provides users a convenient way to shop online, making it one of the most popular online retailers. However, its popularity has made it a prime hub for online scams. Scammers often impersonate an Amazon representative or legitimate seller to trick users into giving up their personal information. Some common Amazon scams you need to avoid are fraudulent sellers, off-platform payments, phishing messages about your Amazon account and fake Amazon job offers.
Continue reading to learn about the ten most common Amazon scams, how you can detect them and how you can protect yourself from them.
1. Fraudulent Sellers
Cybercriminals often launch a type of online shopping scam on Amazon in which they create an Amazon account to appear as a legitimate seller. They will create product listings with “great deals” to lure people into buying from them. These product listings may even have fake reviews about how great the product is. However, if a user tries to buy from the cybercriminal, the cybercriminal will do a bait-and-switch and send the user a counterfeit product or nothing at all.
2. Off-Platform Payments
All official Amazon purchases are done on the platform. However, some fraudulent sellers on Amazon will try to get users to pay them off the platform and use payment methods such as Zelle, Venmo or a wire transfer. Cybercriminals want you to use these payment methods because they are fast and untraceable. These payment methods are not protected by Amazon, meaning you can’t get your money back if a seller turns out to be a cybercriminal.
3. Phishing Messages About Your Amazon Account
Most Amazon scams are phishing attempts that try to trick you into giving up your personal information. Cybercriminals will impersonate Amazon representatives messaging you about an issue with your Amazon account that you need to resolve immediately. They will say that you were overcharged, are eligible for a refund, your account is frozen or provide you with details about a fake order. To get you to “fix” these issues, the cybercriminal will try to convince you to reveal your personal information such as your Amazon account login credentials or credit card number.
4. Fake Amazon Websites
Cybercriminals create fake websites that look almost identical to the real Amazon website. However, there will be slight differences in the URLs of these websites that trick people into thinking they are on the real website and giving up their personal information. Cybercriminals often use these fake websites for phishing attacks, malicious ads or search engine phishing.
5. “Write a Review” Scam
If you ever received an email asking you to write an Amazon review for money, then it is probably a scam. Scammers send these messages to get you to click on a link for a spoofed website that looks like the real Amazon website. When you click on the malicious link, you can unintentionally install malware on your device or give up your personal information.
6. Fake Amazon Job Offer Scam
Some cybercriminals exploit job seekers by posing as Amazon recruiters and creating fake job listings. These job scams will offer an entry-level position at Amazon with flexible hours, high pay and minimal work. Cybercriminals post these fake job offers on legitimate job listing websites such as Indeed and LinkedIn. When someone tries to apply for a fake Amazon job offer, cybercriminals can steal the applicant’s personal information.
7. Amazon Prime Video Scam
Amazon Prime Video scams happen when cybercriminals create fake websites or ads that target people who are looking to set up their first Prime Video account. When people click on one of the fake Amazon Prime Video websites, they are taken to a page that looks like Amazon’s SmartTV setup page. The user is then prompted to reveal their login credentials and 2FA code which gives the scammer access to their Amazon account.
8. Mystery Box Scam
Amazon scammers will create social media ads that link to fake Amazon websites or fake product listings on Amazon offering a “mystery box.” These mystery boxes claim to have high-value items at a very low price. Scammers say that Amazon has an extra stock of these valuable items due to clearance sales or inventory restocks. They will create different pricing tiers promising that paying for a higher tier gives the victim a higher chance of getting a very valuable item. However, when the victim buys the mystery box, they receive a counterfeit, broken or old item.
9. Amazon Gift Card Scam
Amazon gift card scams are when cybercriminals trick you into buying an Amazon gift card and sending them the gift card information. Typically, cybercriminals will impersonate a family member, friend, colleague, fake charity or Amazon representative. They will then convince you to buy an Amazon gift card and give them the information for reasons such as to help a family member or friend make a purchase, to make a donation or to resolve an issue with your Amazon account.
10. Brushing Scam
Brushing scams are when cybercriminals send you an unsolicited Amazon package of cheap products without a return address. The package is delivered in your name and shows no evidence of a transaction. Cybercriminals send these packages to write product reviews under your name and boost their seller ratings on Amazon. This allows them to attract new customers and exploit them. Brushing scams are concerning since cybercriminals have your address and potentially other personal information to use for other scams.
How To Avoid Falling Victim to Amazon Scams
These are only some of the most common Amazon scams you need to avoid. There are many other ways cybercriminals exploit Amazon’s brand to trick you into giving up your personal information. It can be difficult to deal with so many potential Amazon scams; however, you can avoid falling victim to Amazon scams by taking the following steps.
Secure your Amazon account
Many scams try to steal the login credentials for your Amazon account. To protect your Amazon account from cybercriminals, secure it with a strong and unique password. By using a strong password, cybercriminals have a harder time trying to guess your password. Your Amazon password should also be different from your other passwords to prevent credential stuffing attacks.
Your Amazon password should be a unique and random combination of uppercase and lowercase letters, numbers and special characters, and be at least 16 characters long. It should omit any personal information, sequential numbers or letters, and commonly used dictionary words.
You should also enable MFA on your Amazon account to prevent unauthorized users from accessing your account. Multi-Factor Authentication (MFA) is a security protocol that requires you to provide additional authentication to access your Amazon account. By enabling MFA, you add an extra layer of security to your Amazon account and ensure cybercriminals cannot access it.
Never make payments outside of Amazon
You should never pay for an Amazon purchase outside of the platform. Every official Amazon transaction is done on the platform to guarantee the safety of their users. If a seller wants you to use payment methods off the platform, then you know the seller is a scammer and you should avoid doing business with them. Only make payments for Amazon purchases on the Amazon platform.
Don’t click on suspicious links
Many cybercriminals will send you phishing emails or text messages posing as Amazon to get you to click on a suspicious link. Amazon will never contact you via email, text or phone call to disclose sensitive information about your account. They typically notify you about an issue with your account via the platform. Never click on suspicious links from unsolicited messages from Amazon since they are most likely scams.
However, if you are concerned about an issue with your Amazon account, you should double-check with Amazon. Go to the Amazon website or app to check if there are any issues. Type in the URL to the Amazon website yourself to avoid search engine phishing. Call the customer support number on the Amazon website to check if there is any issue with your account. Avoid looking up the customer support number on a search engine since cybercriminals can fabricate the results.
Research sellers on Amazon
Since anyone can sell products on Amazon, scammers use the platform to appear as legitimate sellers to trick people into buying from them and giving up their personal information and money. You should always do a background check to research the sellers on Amazon. Look at reviews to see if there are any indications of the seller being fraudulent such as generic positive reviews, negative reviews, reviews unrelated to the product, discrepancies with the product description and too-good-to-be-true offers.
Use antivirus software
Some Amazon scams try to secretly install malware on your device to steal your personal information. You should use antivirus software as an extra layer of protection against Amazon scams. Antivirus software is a program that detects, prevents and removes known malware from your device. It can detect any incoming malware and remove it before it infects your device. If you accidentally click on a malicious link from an Amazon scam, high-end antivirus software will ensure your device won’t get infected with malware.
How Keeper® Secures Your Amazon Account
Scammers use a variety of scams to gain unauthorized access to your Amazon account. One of the best ways to protect your Amazon account is by using a password manager. A password manager is a tool that securely stores and manages your login credentials in a digitally encrypted vault. Some password managers protect your Amazon password from spoofed websites using an autofill feature. With the autofill feature, your password manager will only fill in your Amazon password when you are on the official Amazon website.
Keeper Password Manager offers KeeperFill to help protect your Amazon login credentials from spoofed websites. Sign up for a free trial to protect your Amazon account from scammers.