Search Help:

Identifying Spoof E-mails

You might receive e-mails from Amazon, such as "Sold, ship now" e-mails, listing confirmation messages, or deposit notifications. However, sometimes you may receive e-mails that are not really from Amazon even if at first glance they may appear to be. Instead, such e-mails are falsified and attempt to convince you to reveal sensitive account information.

These false e-mails, also called "spoof e-mails" or "phishing e-mails," look similar to legitimate Amazon e-mail. Often these e-mails direct you to a false website that looks similar to the Amazon website, where you might be asked to provide account information such as your e-mail address and password combination.

Unfortunately, these false websites can steal your sensitive information which can then be used without your knowledge to commit fraud.

To protect yourself from responding to these e-mails, follow a few simple rules.

Know What Amazon Won't Ask

Amazon will never ask you for the following information in an e-mail communication:

  • Your social security number or tax identification number
  • Your bank account information, credit card number, PIN number, or credit card security code (including "updates" to any of the above)
  • Your mother's maiden name or other information to identify you (such as your birth city or your favorite pet's name)
  • Your Amazon.com password

Review for Grammatical or Typographical Errors

Be on the lookout for poor grammar or typographical errors. Many phishing e-mails are translated from other languages or are sent without being proof-read.

Check the Return Address

Is the e-mail from Amazon or from a "phisher"? Genuine e-mails from Amazon always come from an address ending in "@amazon.com".

Check the e-mail’s header information. If the "received from," "reply to," and "return path" for the e-mail does not come from @amazon.com, it is not from Amazon.

Most e-mail programs let you examine the source of the e-mail. The method you use to check the header information varies depending upon the e-mail program you use.

The following are some examples of fraudulent return addresses:
seller-performance@payments-amazon.com
amazon-security@hotmail.com
amazon-payments@msn.com

Check the Website Address

Some phishers set up spoofed websites that contain the word "amazon" somewhere in the URL. Genuine Amazon websites always end with ".amazon.com" -- that is, "www.amazon.com".

We never use a combination such as "security-amazon.com" or "amazon.com.biz".

When in Doubt, Go Directly to the Amazon Website

Some phishing e-mails include a link that looks as though it will take you to your Amazon account, but it is really a shortened link to a completely different website. If you hover over the link with your mouse when viewing the message in your e-mail client, you often can see the underlying false Web address, either as a pop-up or as information in the browser status bar.

Note: The “hover” technique can be fooled. If you do click on a link, you should always look at the URL in your browser when the page opens.

The best way to ensure that you do not respond to a phishing e-mail is to always go directly to your Amazon account to review or make any changes to the account. When in doubt, do not click on a link in an e-mail.

Do not "Unsubscribe"

Never follow any instructions contained in a forged e-mail that claim to provide a method for "unsubscribing." Many spammers use these "unsubscribe" processes to create a list of valid, working e-mail addresses.

Use the Features in Your Seller Account to Track Your Orders

The "Sold, ship now" e-mail is a useful tool, but the most accurate and up-to-date information for your orders is always found by viewing your orders using the Manage Your Orders tool in your Seller Account.

If an offer sounds too good to be true, it probably is

Sometimes phisher e-mails will offer you deals, such as a discount or a free item, for doing simple things such as signing in to your seller account.  If you receive such an e-mail, follow the above guidance about checking the e-mail’s addresses and any website URLs in the e-mail.  We recommend that you never sign in to your seller account by clicking on a link embedded in e-mail. 

How You Can Help Stop Phishers and Spoofers

You can make a difference! Amazon has filed several lawsuits against phishers and spoofers; some of these lawsuits came about from information sellers provided to Amazon.

Report Spoofed E-mails to Amazon

As part of our ongoing commitment to stop spoofing, we'd like you to help us investigate spoofed e-mails. Please send us the original spoofed e-mail with the complete header information using our contact-us form: https://www.amazon.com/gp/help/contact-us/report-phishing.html

To find the header information, configure your e-mail client to show All Headers (this varies depending upon the e-mail client you use). The headers we need are well labeled and look similar to this:

X-Sender: someone@domain.com
X-Sender-IP: [10.1.2.3]
X-Date: Tue, 08 Apr 2003 21:02:08 +0000 (UTC)
X-Recipient: you@domain.com
X-OUID: 1

Instructions on obtaining full headers in several popular web-based email clients are provided below:

  • Hotmail: Right-click the message and select “View Message Source”
  • Yahoo: Open the message and click the “Full Headers” button
  • Gmail: Open the message, click the down arrow next to “Reply” and select “Show Original”

Note: Amazon will not be able to respond to all of the e-mails reporting spoofed e-mails, though we do read them and take action as appropriate. If you have specific questions about your account, check our Help pages or Contact Us.

Seller Support

Please use the e-mail address associated with your Amazon.com Seller account.