With over 300 million customer accounts, Amazon is the most popular online retailer in the world. There's even an estimated 80 million Amazon Prime members in the U.S. (Note: If you're not a Prime member, click here to learn how to become a member at a discounted rate.)
Such an incredible number of users makes Amazon a prime target for cybercriminals. That's why you need to watch out for the latest phishing scam, it's focused on ripping off Amazon customers.
Watch out for this Amazon phishing attack
People are receiving fraudulent emails that contain malicious links. The emails look very official, like they really came from Amazon. But beware, they are actually from cybercriminals looking to rip you off.
There are several different spoofed emails making the rounds, but the scammers' goals are the same. Stealing your credentials and potentially infecting your gadget with malware.
Here's an example of one of the fake emails that Kim Komando found in her inbox. It reads, "You have been selected to take part in our anonymous survey about Amazon. Take this 30-second questionnaire and we'll offer you an exclusive reward worth over $50."
Image: Example of Amazon phishing email making the rounds.
The message goes on to thank the recipient for their recent order on Amazon.com and offers a $50 gift card for taking the time to review the purchased product.
Warning! If you click on the links within the message, your credentials could be stolen and you could become a victim of identity theft.
It's important that you know how to recognize a phishing email so you don't fall victim to one. Typically there are signs to watch for. Take our phishing IQ test to see if you can spot a fake email.
You should also follow these suggestions from Amazon on how to recognize a fraudulent email:
If you receive an email claiming to be from Amazon confirming an order that you did not place, it's a scam. Instead of clicking links within the email, type Amazon.com into your browser, sign in and go to Your Orders page to verify your purchases. If you didn't buy the item from the email, it's a phishing scam.
Amazon does not send emails requesting your username and/or password. If you receive an email like this, it's a scam. Handing over your credentials to cybercriminals could lead to fraudulent charges on your account and identity theft. Bad idea.
Update payment information
You should never click a link within an email asking you to update your payment information. Instead, go to your Amazon account and click Manage Payment Options in the Payment section. If you are not prompted to update your payment method on that screen, the email is not from Amazon.
If you receive an email with a link that supposedly goes to Amazon, hover over the link with your cursor. If it does not say that it's going to direct you to Amazon, it's a phishing scam. It's always better to type a website's address directly into a browser than clicking on a link.
Emails purportedly from Amazon that contain attachments or prompts to install software on your computer are scams. You should never download PDF, Word or Excel files attached to unsolicited emails to begin with. If you do open one of these documents and it says that you need to turn on macros, close the file and delete it immediately.