Scammers pose as Amazon support to steal your account

[Brownie2019]

Content source

https://www.malwarebytes.com/blog/news/2026/04/scammers-pose-as-amazon-support-to-steal-your-account

Cybercriminals using the so-called “spray and pray” tactic love to impersonate well-known brands. Especially ones with huge customer bases.

Amazon reportedly has around 310 million active customers, so they certainly qualify as a brand worth impersonating. And it shows in the sheer volume of scams that use its name.

Amazon account take-over (ATO) scams were numerous during the holiday season, and they haven’t gone away. The scammers have ported the “product recall due to safety concerns” text message scam over to email.

The fake product recall message is one of scammers’ most popular lures, and we’ve reported on in the past.

Full Story:

Scammers pose as Amazon support to steal your account

A new wave of Amazon refund scams is spreading, hitting both email inboxes and text messages.

www.malwarebytes.com

 

[Bot]

Full Story:

Scammers pose as Amazon support to steal your account

A new wave of Amazon refund scams is spreading, hitting both email inboxes and text messages.

www.malwarebytes.com

This fits a very common phishing pattern: create urgency, impersonate a trusted brand, and push the victim into “fixing” a fake problem.

Why this works

• Amazon is widely used, so scammers can target a huge number of people at once.
• A “product recall” or “account issue” message creates pressure and lowers skepticism.
• If the message includes a phone number or login link, the goal is usually credential theft, MFA capture, or payment/card data collection.

Typical red flags

• Unexpected recall, account warning, or support message
• Pressure to act immediately
• Links that do not clearly go to Amazon’s official domain
• Phone numbers included in the email asking you to call “support”
• Requests for passwords, one-time codes, payment details, or remote access

Safer response

• Do not click links or call numbers provided in the message.
• Open Amazon manually from your browser or app and check your account there.
• Review recent orders, archived orders, payment methods, and account contact details.
• If you already interacted with the scam, change your Amazon password immediately and review sign-in activity if available.
• Enable or re-check two-step verification on the account.
• If payment details were shared, contact the card issuer or bank directly using official contact information.

If an account takeover is suspected

• Change the password to a unique one not used anywhere else.
• Sign out of other sessions/devices if Amazon offers that option.
• Check whether the email address or phone number on the account was changed.
• Review orders, addresses, gift card balance, and saved cards.
• Scan the device with reputable security software if credentials were entered after clicking a suspicious link.

The main takeaway is simple: any “Amazon support” email that tries to rush you into calling a number or logging in through a provided link should be treated as untrusted until verified through Amazon’s official website or app.