Amazon Prime subscribers recently received an email from the online marketplace, warning them of the prevalence of scams that took advantage of their offerings and brand recognition. Let’s go through the advice that this email shared, and compare it to the best practices we recommend for avoiding scams.
As you may expect, this communication primarily focused on those scams that involved Amazon’s brand and services in some way. For instance, it directly referenced “Prime membership scams” and “Account suspension/Deletion scams.”
As the email put it, a Prime membership scam is composed of some communication that references some issue with your membership in the program or some additional fee that is required. In order to confirm or cancel this charge, of course, your payment information is needed.
In regards to these scams, the official statement shared in the company’s email is that “Amazon will never ask you to provide payment information for products or services over the phone.” Instead, customers are directed to visit the official website/application to check for legitimate communications in the Message Center and manage their account status.
Account suspension/Deletion scams, meanwhile, are described as texts, emails, and phone calls that try to fool users into providing account access by convincing them to hand over their credentials or payment information.
Amazon’s official stance—again, from the aforementioned email—is that “Amazon will never ask you to disclose your password or verify sensitive information over the phone or on any website other than Amazon.com.” Their advice is to authenticate any requests, specifically through the Message Center.
Amazon’s alert also outlined a few pieces of advice. To quote the message:
“1. Trust Amazon-owned channels.
Always go through the Amazon mobile app or website when seeking customer service, tech support, or when looking to make changes to your account.
2. Be wary of false urgency.
Scammers may try to create a sense of urgency to persuade you to do what they're asking. Be wary any time someone tries to convince you that you must act now.
3. Never pay over the phone.
Amazon will never ask you to provide payment information, including gift cards (or “verification cards,” as some scammers call them) for products or services over the phone.
4. Verify links first.
Legitimate Amazon websites contain "amazon.com" or "amazon.com/support." Go directly to our website when seeking help with Amazon devices/services, orders or to make changes to your account.”
Overall, these line up with the best practices we’d recommend when dealing with any official-seeming communication to help prevent phishing:
Don’t get us wrong, we’re glad to see a business with the reach that Amazon has sharing cybersecurity practices and spreading awareness. However, it is important that these practices are applied to every email you receive at home and especially in the workplace, along with other assorted security measures and safeguards.
One Up Solutions Northwest is here to assist the businesses of Oregon with their information technology needs, including their cybersecurity and related concerns. Give us a call at (503) 278-5011 to learn more about what we can do.