Search Help:

Identifying False (Spoof or Phishing) E-mails

A "phishing" or "spoof" e-mail looks similar to a real e-mail from Amazon. It may direct you to a false website that looks similar to Amazon which asks you to enter your account information and password. Your account information may then be used to commit fraud.

Follow a few simple rules to help protect yourself from phishing and spoofing e-mails:

Know what Amazon won't ask for
Look for spelling and grammar errors
Check the return address
Check the website address
Use Your Seller Account to track your orders
Never "unsubscribe"
Help us to stop phishing and spoofing
Know what Amazon won't ask for

Amazon will never, for any reason ask you to send us the following information in an e-mail:

  • Your national insurance number or VAT registration number
  • Your bank account information, credit card number, PIN number or credit card security code
  • Your mother's maiden name or other information that could be used to identify you (such as your birth city or your favorite pet's name)
  • Your Amazon.co.uk password

You should only enter personal information on our website.

Note: Amazon.co.uk will never ask you to pay for a transaction using a payment method other than the Amazon.co.uk Marketplace on the website.

Back to top

Look for spelling and grammar errors

Many phishing e-mails are translated from other languages and are not proofread. Remember though, good grammar can simply mean a clever spammer; a well written e-mail doesn't necessarily originate from a reliable source.

Back to top

Check the return address

Genuine Amazon e-mails come from an e-mail address ending in "@amazon.co.uk or @amazon.com".

Fraudulent e-mails do their best to look like they originated from Amazon, for example, by putting "amazon" at the beginning of the address, such as "amazon-security@hotmail.com" or amazon-marketplace@msn.com,. If the return address contains the name of another Internet Service Provider (ISP), you can be sure the e-mail is fraudulent.

However, the return address can be forged. Always evaluate an e-mail using all the tips on this page, especially know what Amazon won't ask for.

Back to top

Check the website address

Some phishers set up spoofed websites that contain the word "amazon" somewhere in the URL. Genuine Amazon.co.uk URLs always begin with http://www.amazon.co.uk, https://www.amazon.co.uk or http://s1.amazon.co.uk.

We never use a combination such as "security-amazon.co.uk" or "amazon.com.biz".

Some phishing e-mails include website addresses that look as though they take you to Your Account, but really take you to a completely different website. If you hover over the link you often can see the underlying URL, either as a pop-up or as information in the browser status bar.

The best way to ensure that you don't respond to a phishing e-mail is to go directly to Your Account to review or change anything about your account after entering your password.

Back to top

Use Your Seller Account to track your orders

You should view the e-mails we send you when you make a sale as helpful reminders. The most reliable way to track your orders is via Your Seller Account.

Never "unsubscribe"

Be wary of any offer to unsubscribe you from a service. Many spammers use this to create a list of valid e-mail addresses.

If you'd like to unsubscribe from any Amazon.co.uk mailings, update your communications preferences in Your Account.

Back to top

Help us to stop phishing and spoofing

Amazon has taken several phishers and spoofers to court; these cases came about via information provided to Amazon through the stop-spoofing@amazon.com e-mail address.

Report spoofed e-mails to Amazon.co.uk

  • E-mail stop-spoofing@amazon.com and attach the e-mail you suspect is a fake. Sending the e-mail as an attachment is the best way to preserve the header information which makes it easier for us to trace its origins.
  • If you can't send the e-mail as an attachment, forward it to stop-spoofing@amazon.com, and include as much of the header information as you can.

Please note: Amazon cannot respond to all e-mails it receives at stop-spoofing@amazon.com. If you have specific questions about your account, please contact us.

Back to top