Learn more Shop now Learn more Shop now Shop now Shop now Shop now Shop now Learn More Shop now Shop now Learn more Shop Fire Shop Kindle Learn More Shop now Fitbit

About Identifying Whether an E-mail is from Amazon

E-mails from Amazon will never ask you for personal information. If you receive a suspicious (sometimes called phishing) e-mail, here are some tips to determine if it's an e-mail from Amazon.

If you received an e-mail regarding an order you didn't place, the e-mail likely wasn't from Amazon. Please send the e-mail as an attachment to stop-spoofing@amazon.com. For more information, go to Report a Phishing or Spoofed E-mail.


Don't open any attachments or click any links from suspicious e-mails. If you've already opened an attachment or clicked a suspicious link, go to Protect Your System.

To help identify phishing e-mails and for tips on safe online shopping, see our short Help Video:

Suspicious e-mails often contain:

  • An order confirmation for an item you didn't purchase or an attachment to what looks like an order confirmation.

    Note: Go to Your Orders to see if there's an order that matches the details in the e-mail. If it doesn't match an order, the message isn't from Amazon. Amazon never puts attachments on order confirmation e-mails.

  • Requests for your Amazon.co.uk username and/or password, or other personal information. Personal information includes things like: your National Insurance number, your credit card number, PIN number, or credit card security code, or your mother's maiden name.

    Note: Amazon will never ask for personal information to be supplied by e-mail.

  • Requests to update payment information through a link in the e-mail. Amazon e-mails would include instructions on how to verify account information through the Amazon.co.uk website.

    Note: Go to Your Account and click Manage Payment Options in the Payments section. If you aren't prompted to update your payment method on that screen, the message isn't from Amazon.

  • Links to websites that look like Amazon.co.uk, but aren't Amazon.

    Note: Legitimate sites have a dot before "amazon.co.uk" such as http://"something".amazon.co.uk (usually "www"). Please note, the legitimate site for Amazon Pay is pay.amazon.com/uk. We'll never send e-mails with links to an IP address (string of numbers), such as "http://123.456.789.123/amazon.co.uk/".

  • Attachments or prompts to install software on your computer.

  • Typos or grammatical errors.

  • Forged e-mail addresses to make it look like the e-mail is coming from Amazon.co.uk.

    Note: If the "from" line of the e-mail contains an Internet Service Provider (ISP) other than @amazon.co.uk, then it's a fraudulent e-mail.

Was this information helpful?

Thank you for your feedback.

Please select what best describes the information:

Thanks! While we're unable to respond directly to your feedback, we'll use this information to improve our online Help.