There are affiliate links on this page.
Read our disclosure policy to learn more.

 

Translate this page to any language by choosing a language in the box below.

Amazon.com Email Scam - Phishing for Your Identity

Phishing - The Amazon.com Email Scam
Redirects to spoofed (Fake) website: http://citdsl.fix.netvision.net.il/login.html

You may have received an email like one of the samples below that looks very authentic, like they came from Amazon.com. These emails were not sent by Amazon.com; Amazon.com is a victim as well. If you receive an email similar to the one below, DO NOT click on the link, and do not enter any information on the forms there. You can see another example here.

The website that the link leads to is a spoof; a fake website, not created by Amazon.com. It goes to http://citdsl.fix.netvision.net.il/login.html, not Amazon.com! When you enter the information they ask for, you will simply be handing the thieves the keys to your bank accounts.  That is how spoofing and phishing works.

Remember, no reputable business would send you an email requesting your personal account information. Any such email you receive asking for this information should be considered phony and brought to the attention of the business being 'phished'.

Anytime you need to go to a website for your bank, credit card companies or other personal, financial or confidential information; do not follow a link in an email; just type their address in your browser directly (such as www.Amazon.com. )

Below are actual phishing emails that started circulating in early 2007. We have put a warning over the links to the phisher's website.

Dear Amazon member,

We are contacting you to inform you that our Account Review Team identified some unusual activity in your account. In accordance with Amazon's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. To secure your account and quickly restore full access, we may require some additional information from you for the following reason: We have been notified that a card associated with your account has been reported as lost or stolen, or that there were additional problems with your card.

This process is mandatory, and if not completed within the nearest time your account or credit card may be subject for temporary suspension. To securely confirm your Amazon information please click on the link bellow:

http://citdsl.fix.netvision.net.il/login.html

We encourage you to log in and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure.

For more information about how to protect your account please visit Amazon Security Center. We apologize for any incovenience this may cause, and we apriciate your assistance in helping us to maintain the integrity of the entire Amazon system.

Thank you for using Amazon!

The Amazon Team

Privacy Notice © 1995-2007, Amazon.com, Inc. or its affiliates.


Another scam email:

Date: January 30, 2007 12:14:34 PM EST

To:

Subject: Maintaining the trust of our customers !!!

Reply-To: Amazon.com

Dear Customer,

- Due to recent account takeovers and unauthorized listings, Amazon is requesting a new account verification procedure. From time to time, randomly selected accounts (seller and/or buyer) are placed under an advanced updating process based on merchant accounts/bank relations and on-file credit cards. Amazon may also request in an e- mail message scanned/faxed copies of one or more photo ID's. Your account confirmation may go wrong if your credit card/bank account has expired, or if you have changed/replaced your credit card without letting us know about the change.

Your account is not suspended, but if in 36 hours after you receive this message your account is not confirmed we reserve the right to terminate your Amazon subscription.

If you received this notice and you are not an authorized Amazon account holder, please be aware that it is in violation of Amazon policy to represent oneself as an Amazon user. Such action may also be in violation of local, national, and/or international law.

To confirm your identity with us click HERE

We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter.

Respectfully,

Amazon.com, Inc.

Copyright 2007 Amazon.com, Inc. All rights reserved.

Amazon sent this e-mail to you because your Notification Preferences indicate that you want to receive information about Special Events & Promotions. Amazon will request personal data (password, credit card/bank numbers) only on our home site, which is securely incrypted [sic] with SLL.
 

 

 


 

Report the scam to Amazon

To report a scam email to Amazon, submit a scam report to Amazon.

You may also forward phishing emails and other suspected forgeries directly to Amazon at stop-spoofing@amazon.com.

Amazon also has the following direct links for specific situations based on how you have responded to email.

Report unsolicited packages received

Report Gift Card Fraud/Abuse

 

Protect yourself

Do not unsubscribe: Never follow instructions contained in a forged email that claim to provide a method for unsubscribing. Many spammers use these unsubscribe processes to create a list of valid, working email addresses. Use the features in Seller Central to track your orders: The Sold, Ship Now email notification is a useful tool. However, you can find the most accurate and up-to-date information for your orders using the Manage Orders feature in your seller account.
If an offer sounds too good to be true, it probably is: Sometimes phisher emails will offer you deals, such as a discount or a free item, in return for completing a simple task, (for example, signing in to your seller account). We recommend that you never sign in to your seller account by clicking on a link embedded in email.

Do not:

  • Call the telephone number.
  • It might be a for-fee premium-line scam similar to a 900 number that could cost you money. Also, by calling, you are confirming that your telephone number is real and you are a potential idiot, meaning you will get many more scam calls in the future.
  • Click on any links in the email.
    You may be installing malware. And by clicking on the links, you confirm that your email address is active and being read. you will see a big increase in future scam emails.
  • Reply to the email. Again, you will just be confirming that your email address is real. Just delete the email.