By Bruce Sussman
Mon | Dec 10, 2018 | 8:29 AM PST

Hackers love sending fake emails with logos and formats that look real from the biggest brands—such as Amazon and Amazon Prime—because there's a good chance you are a customer of that brand.

That increases the odds you will fall for their phishing attempts.

We are seeing fake Amazon gift card emails, fake Amazon Prime emails, fake Amazon baby registry emails, and a hot one right now is the fake Amazon package tracking email.

This one hit a relative's email inbox over the weekend:

[Image: fake Amazon track package email]

It looks so good, the person who got it asked their spouse: "Did you buy me a gift on Amazon this week?"

The answer was no, and this email that looks like it came from Amazon is a fake.

Clues an email from Amazon is actually a fake

At first glance (which is all hackers want us to take), this email passes as a legitimate Amazon package tracking email. Instead, it is a spoofed email. Here are the top ways to detect if a message is really from Amazon.

Fake Amazon email tip #1 from cybersecurity experts

Check the "from" line to see who sent the email. In this case, the Amazon email spoofers were either too lazy or too dumb to change it. Clearly, the email is not even from Amazon but another random website address. 

However, be aware, if you get an email with a "from" line that says Amazon.com, that is not enough information to know if it's a legitimate Amazon email. So keep going.

Amazon emails will typically address you by name and include your shipping address. This email does neither of those things. Those are warning signs.

Fake Amazon email tip #2

Look for typos, misspellings, and phrases that don't seem to make sense.

Look at the delivery date. It says Approximate Arrival: December 19, 18

This is sloppy work: they forgot to type the 20 in 2018. We've seen worse examples, for sure. However, this gives you an idea of what to look for in your hunt for clues.

Fake Amazon email tip #3

Hover over buttons, product ads, and blue hyperlinked text to see where they will take you. Do not click these links; simply hover over them. In this spoofed Amazon email we found the following. The "Track your package" link takes us to a random website claiming to be "mrcosmetic-dot-com":

[Image: fake Amazon email example]

The ad on the bottom left of the email takes us to "bitnus-dot-com":

[Image: fake Amazon email example]

The link connected to the product on the right takes us to "getcarbonblack-dot-com":

[Image: fake Amazon email example]

And lastly, the link at the bottom on "tax and seller information," which fraudsters put in there to add legitimacy, takes us not to Amazon but instead to "snfcahps-dot-org":

[Image: fake Amazon email example]

We did not test where these web addresses take us because even if it is only an advertisement type website trying to get us to invest or buy something, there's a good chance the site is infected with other hacking related attacks, viruses, or malware that will load secretly onto a computer or device. So resist the temptation to click.

Things Amazon will never ask you for in an email

Amazon has posted many warnings about fake versus legitimate emails. Here are the things Amazon says it will never ask you for in an email:

  • Your bank account information, credit card number, PIN number, or credit card security code (including "updates" to any of the above)
  • Your mother's maiden name or other information to identify you, such as your birth city or your favorite pet's name
  • Your Amazon or Seller Central account password

How to report fake or suspicious emails to Amazon

Amazon has a fraud team that tries to block cybercriminals and hackers from using the Amazon name to rip you off. If you receive an email that fails the tests above, then send it to Amazon in the following way:

  1. Open a new email and attach the email you suspect is fake. For suspicious webpages, simply copy and paste the link into the email body. If you can't send the email as an attachment, you can forward it.
  2. Send the email to stop-spoofing@amazon.com
    Note: Sending this suspicious email as an attachment is the best way for us to track it.

We hope this will help you evaluate if the message you get from Amazon is real or a fake. 
