Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files
July 31, 2025

Don’t Take the Bait: Amazon Login Scams Are on the Rise

Posted in: News

banner that says breaking news with a satellite.

Screenshot of a phishing email posing as Amazon contacting users about their Prime Account.

Amazon recently issued a warning to over 200 million Prime members about an ongoing wave of scams trying to steal login credentials. If you’ve ever shopped on Amazon (and let’s be honest, who hasn’t?), this is something to take seriously — especially on a busy college campus where email, text, and social media scams are common.

What’s Going On?

Scammers are sending fake emails and texts pretending to be from Amazon. They might say things like:

  • “Your account has been locked.”

  • “There’s a problem with your payment method.”

  • “Click here to confirm your delivery.”

The goal? To trick you into entering your Amazon login info on a fake website — giving scammers access to your account, your personal data, and in some cases, even saved payment methods.

Why It Works

These scams are getting more sophisticated. The fake websites look real. The messages are urgent. And during busy times — like the start of a semester or around Prime Day — people are more likely to click without thinking.

How You Can Stay Safe

Here’s how to avoid getting phished:

  • Don’t click links in suspicious emails or texts. If something seems off, go directly to amazon.com and check your account manually.

  • Watch for misspellings, odd grammar, or strange-looking web addresses. These are major red flags.

  • Use two-factor authentication on your Amazon account (and any account that offers it).

    • Duo MFA is available for your personal accounts too!

  • Report suspicious messages to Amazon at stop-spoofing@amazon.com or by visiting their Report a Scam webpage.

Looking Beyond Amazon

Amazon may be the current target, but scams like this happen all the time with companies like Netflix, Apple, PayPal, banks, and even university services.

Here’s how to future-proof yourself:

  • Be skeptical of “urgent” messages demanding quick action — especially those about account locks or payments.

  • Never enter your password after clicking a link from an email or text. Navigate to the site directly.

  • Enable two-factor authentication on all accounts that support it — email, streaming, banking, shopping, and university systems.

  • Use unique passwords for each account. A password manager can help.

  • Keep your devices updated to patch known vulnerabilities that attackers could exploit.

Scammers follow trends. If you’re hearing about a sale, service disruption, or new feature from a big company — chances are, a scam email about it is already making the rounds.

 

“Clicking on suspicious links is like playing ‘Russian roulette’… with your computer.”

— Emily Harris JD, CISSP, CIPP/US
Chief Information Security Officer

Want to Know More?

MalwareBytes | Amazon warns 200 million Prime customers that scammers are after their login info

Lifewire | Warning: Don’t Click That Cancel ‘Amazon Subscription’ Email! It’s a Scam