Belfast Telegraph

UK Website Of The Year

Amazon email scam could cost you up to £750 - here's what you should look out for

One shopper lost £750 after clicking on the link in what looks like an automatic customer email

Amazon customers have been warned they could lose hundreds of pounds if they fall for a “convincing” fake email scam.

Action Fraud, the UK’s fraud and cyber-crime centre, said the spoofed emails from “service@amazon.co.uk” claims recipients have made an order online and mimic an automatic customer email notification.

The number of people who have been sent the fake email is unclear, however Action Fraud said it had received several reports about the scam.

The email claims shoppers have ordered products including an expensive vintage chandelier, Bose stereos, iPhone’s and luxury watches.

In order to get a shopper’s financial information, the email cleverly states that if the recipient didn’t authorise the transaction they can click on the help centre link to receive a full refund.

One shopper lost £750 after clicking on the link in what looks like an automatic customer email.

After the victim notified Nationwide they cancelled the card and refunded the money in full.

So what should you look out for to make sure you don’t fall for the scam?

Suspicious links

Amazon said that scam emails will often contain links to websites that look like Amazon.co.uk, but aren’t Amazon.co.uk.

Legitimate sites have a dot before “amazon.co.uk”, such as http://“something”.amazon.co.uk (usually “www”).

Sites such as “payments-amazon.com” aren’t Amazon sites. Amazon will also never send emails with links to an IP address (string of numbers), such as “http://123.456.789.123/amazon.co.uk/”.

Beware of attachments

Don’t click on attachments or prompts to install software on your computer.

If you’ve already opened an attachment or clicked a suspicious link, go to Protect Your System.

Typos or grammatical errors

An official email from Amazon will not contain typos. Delete it.

Make sure your computer is configured securely

Candid Wüest, Threat Researcher at Symantec, said: “Configuring popular internet applications such as your web browser and email software is one of the most important areas to focus on.

“The strongest security settings will give you the most control over what happens online but may also frustrate some people with a large number of questions (‘This may not be safe, are you sure you want do this?’) or the inability to do what they want to do. Often security and privacy settings can be properly configured without any sort of special expertise by simply using the ‘help’ feature of your software or reading the vendor’s website.”

Amazon will never ask for personal information to be supplied by email

Request for your Amazon username, password or any other personal information should be ignored.

The online retailer will never ask for this information to be supplied by email.

I already clicked on the email, what should I do?

If you have already clicked on the suspicious email you can report a fraud and receive a police crime reference number by calling Action Fraud on 0300 123 2040, alternatively you can use this online fraud reporting tool.

Independent News Service