Welcome to the First Column IT Tech Blog

HomeBlog
Amazon’s Advice on Security Scams is Actually Pretty Great

Amazon’s Advice on Security Scams is Actually Pretty Great

August 14, 2023

Amazon Prime subscribers were recently sent a communication from the online marketplace detailing popular scams and what can be done to protect against them. While we have our own set of best practices to share, we thought we would take a closer look at Amazon’s advice to see how it squares up against our own.

Amazon’s Recommended Practices

The communication sent out by Amazon focused mostly on services related to Amazon. For example, the communication mentions “Prime membership scams” and “Account suspension/Deletion scams.”

To be more precise, this email issued to Prime members describes what to expect from the various scams. For a Prime membership scam, users might encounter messages claiming further fees must be charged to an account in question, or users might have to log in to dispute charges or provide payment information (which, if you think about it, makes zero sense, right?).

According to the official company email: “Amazon will never ask you to provide payment information for products or services over the phone.” If Amazon ever needs you to take action, they recommend confirming through the official website or application and checking for legitimate communications sent through their secure Message Center.

Suspension and deletion scams are also covered in detail here. Amazon describes these attacks as those delivered via text, email, or phone call which attempt to convince users to log in or provide payment information under duress of a lost or suspended account.

According to Amazon’s communication, “Amazon will never ask you to disclose your password or verify sensitive information over the phone or on any website other than Amazon.com.” Again, they double down on any significant communications being sent directly to their secure Message Center, and they urge users to confirm identities before ever responding to these urgent or out-of-place messages.

Other Relevant Amazon-Related Security Tips

Amazon also offers the following advice for anyone who would like additional security information about their platform:

“1. Trust Amazon-owned channels.
Always go through the Amazon mobile app or website when seeking customer service, tech support, or when looking to make changes to your account.

2. Be wary of false urgency.
Scammers may try to create a sense of urgency to persuade you to do what they're asking. Be wary any time someone tries to convince you that you must act now.

3. Never pay over the phone.
Amazon will never ask you to provide payment information, including gift cards (or “verification cards,” as some scammers call them) for products or services over the phone.

4. Verify links first.
Legitimate Amazon websites contain "amazon.com" or "amazon.com/support." Go directly to our website when seeking help with Amazon devices/services, orders or to make changes to your account.”

Augment These Practices with Our Recommendations

Generally speaking, these practices check out perfectly fine, and they are in line with what we would recommend. However, we would like to provide our own perspectives on these recommendations:

  • If you have any reason to suspect illegitimate communications are afoot, you should use official channels of communication to either confirm or refute your feelings on the message. You should never respond to a message if you have any reason to believe it could be dangerous. We recommend manually finding the supposed sender’s contact information on the company’s website to verify it first, reaching out only through secure secondary methods.
  • If there is any urgent language used in the email, it’s worth being just a hair skeptical of it. Hackers love to use language like this to get users to take action before they think more carefully about it. If the user feels extra pushy in their message, then you should be extra careful.
  • You might make purchases or phone payments here and there, even with legitimate businesses, but no company is ever going to ask you to pay in gift cards.
  • Don’t click on links in any messages you suspect are fraudulent. Go to the website or your account through your normal methods first to see if there is anything to be concerned about.

Need More Info? Learn More with Us

Amazon has some great advice to keep in mind regarding account security, but we would like to also remind you that these types of attacks are not Amazon-exclusive. You can experience phishing attacks from any vector at any time, so be sure to keep your wits about you and your protections in place. They might just save you from a major headache in the future.

First Column IT can help your business shore up any potential problems with its security. To learn more, call us today at (571) 470-5594.

TAGS
Email
TAGS
Spam
Previous Post
May 2, 2025
Dark Web Monitoring Shouldn’t Be an Afterthought
There are a lot of sketchy parts of the Internet, but the sketchiest of all might be the Dark Web. Located on a part of the Internet that search engines don’t index and inaccessible to most web browsers, the Dark Web is a place where cybercriminals thrive. It’s a place where stolen data is put up for sale, and if you’re not careful, your business could be next.
April 30, 2025
How to Break the “Who Cares” Mindset
More often than not, you have an employee on staff who rolls their eyes whenever you have to send out another cybersecurity email or reminder. This “who cares” mindset is dangerous and can infect your business in a profoundly disturbing way. Today, we want to get into why this “who cares” mindset is so dangerous and what’s really at stake when you have an employee who can’t get on board with your security policies.
April 28, 2025
Learn How Resilience is Reshaping the Cybersecurity Landscape
While the goal of cybersecurity is always to prevent threats from taking advantage of your infrastructure, this is becoming more and more challenging as time wears on and threats evolve to changes in cybersecurity discourse. A recent podcast episode from Illumio, “Trust & Resilience: The New Frontlines of Cybersecurity,” explores how trust has become a vulnerability that attackers exploit in new and creative ways. How can cybersecurity as an industry pivot in response to this trend?

Have a project in mind?

Start with our free consultation for VA, DC and MD companies. We will provide a detailed proposal and firm quote based on your specific IT support needs. All at a predictable monthly cost per seat.
Free Consultation - Sign Up Here