Identifying false (spoofed) emails
You may receive emails from Amazon, such as Sold, Ship Now emails or Technical Notification emails. However, sometimes you might receive emails that are not really from Amazon, even if at first glance they may appear to be. Instead, such emails are falsified and attempt to convince you to reveal sensitive account information.
These false emails, also called ‘spoofed’ emails or ‘phishing’, look similar to legitimate emails from Amazon. Often these emails direct you to a false website that looks similar to an Amazon website, where you might be asked to give account information, such as your email address and password combination.
Unfortunately, these false websites can steal your sensitive information, which can then be used without your knowledge to commit fraud.
To protect yourself from responding to these emails, you can follow some simple rules:
What Amazon will never ask for
Amazon will never ask you for the following information in an email communication:
- Your National Insurance Number
- Your bank account information, credit card number, PIN number or credit card security code (including ‘updates’ to any of the above)
- Your mother’s maiden name or other information to identify you (such as your place of birth or your favourite pet’s name)
- Your Amazon or Seller Central password
Review the email for grammatical or typographical errors
Be on the lookout for poor grammar or typographical errors. Many phishing emails are translated from other languages or are sent without being proof-read. As a result, these messages can contain bad grammar or typographical errors.
Check the return address
Genuine emails from Amazon always will come from an address ending in ‘@amazon.com’ or the email addresses listed here:
- amazon.co.uk
- amazon.de
- amazon.es
- amazon.fr
- amazon.it
- amazon.lu
- amazon.com.au
- amazonsellerservices.com
- amazon.ae
- sell.amazon.com.au
- amazon.sa
- sell.amazon.com
- gs.amazon.cn
- sell.amazon.ca
- vender.amazon.com.mx
- venda.amazon.com.br
- sell.amazon.co.uk
- sell.amazon.sg
- satis.amazon.com.tr
- amazon.com.tr
Check the email’s header information. If the ‘received from’, ‘reply to’ or ‘return path’ for the email does not come from one of the sources above, it is not from Amazon. Most email programs let you examine the source of the email. The method that you use to check the header information varies depending upon the email program that you use. The following are some examples of fraudulent return addresses:
- seller-performance@payments-amazon.com
- amazon-security@hotmail.com
- amazon-payments@msn.com
Check the website address
Some phishers set up spoofed websites that contain the word ‘amazon’ somewhere in the URL. Genuine Amazon websites always end with ‘.amazon.com’ or ‘.amazon.es’ – that is, ‘sellercentral-europe.amazon.com’, ‘sellercentral.amazon.co.uk’, ‘www.amazon.com’, ‘amazonsellerservices.com’ or ‘www.amazon.co.uk’.
We never use a combination such as ‘security-amazon.com’ or ‘amazon.com.biz’.
When in doubt, go directly to the Seller Central website
Some phishing emails include a link that looks as though it will take you to your Seller Central account, but it is really a shortened link to a completely different Website. If you hover over the link in your email client, you can sometimes see the underlying, false web address, either as a pop-up or as information in the browser status bar.
The best way to ensure that you do not respond to a phishing email is to always go directly to your Seller Central account to review or change anything about your account after entering your password.
Do not ‘Unsubscribe’
Never follow any instructions contained in a forged email that claim to provide a method for ‘unsubscribing’. Many spammers use these ‘unsubscribe’ processes to create a list of valid, working email addresses.
Use the features in Seller Central to track your orders
The Sold, Dispatch Now email can be a useful tool, but the most accurate and up-to-date information for your orders is always found by clicking the Orders tab in Seller Central. The default page, Manage Orders, shows you the most recent orders.
Help stop phishers and spoofers
You can make a difference! Amazon has filed several lawsuits against phishers and spoofers; these lawsuits came about from information provided to Amazon via the stop-spoofing@amazon.com email address.
Report spoofed emails to Amazon
- Create a new email to stop-spoofing@amazon.com and attach the original, spoofed email. Sending the email as an attachment is the best way to preserve the ‘header information’, which makes it easier for Amazon to trace the origin of the forgery.
- If you cannot send the forged email as an attachment, forward the email to stop-spoofing@amazon.com, and include as much of the header information as you can.
To locate the header information, configure your email program to show All Headers. (This varies, depending on the email program that you use.) The headers we need are well labelled and will look similar to this example:
X-Sender: someone@domain.com
X-Sender-IP: [10.1.2.3]
X-Date: Tue, 08 Apr 2003 21:02:08 +0000 (UTC)
X-Recipient: you@domain.com
X-OUID: 1
- Category, Product, and Content Restrictions
- Keeping Your Account Information Secure
- Identifying false (spoofed) emails
- Supported browsers and operating systems
- Why do I have to complete a PIN verification process?
- Why isn't the system recognizing my PIN when I enter it?
- Can I put a link on my website to my products listed on Amazon?
- Do I have to have a land line to complete this process, or can I use a cell phone?
- Why didn't I receive a phone call?
- Why can't I view some pages on Seller Central?
- How can I verify that my bank account information has been changed?
- What can I do if my bank account information is not accepted?
