Account under potential threat: Amazon user's security compromised
In recent months, there has been a significant increase in Amazon refund scam texts, with reports of a staggering 5000% surge in July 2025, particularly following Amazon Prime Day events. These scams are designed to trick users into providing sensitive information, such as login credentials and payment details, through phishing sites or misleading links.
The scams typically lure victims with fake refund offers or urgent messages about Prime membership renewals or supposed hacked accounts. These messages, which are outside Amazon's control, often appear to be legitimate due to the use of personal information by the scammers.
According to Trend Micro, 30% of consumers have fallen victim to online scams, and many did not use any technology to verify the scam. The scale of these text attacks sweeping the U.S. and Europe is "out of control."
Amazon recommends several key steps to protect consumers. Firstly, users should verify any unexpected texts by logging into their account using the Amazon app or usual methods. Legitimate Amazon messages always appear in the Message Center within your account.
Secondly, be highly suspicious of any message requesting payment outside Amazon’s secure platform, especially payment via gift cards or urgent calls for immediate action. Never input your Amazon login information on sites linked from suspicious emails or texts.
Thirdly, report suspicious communications through Amazon’s self-reporting tools or customer service. Amazon runs an active program to monitor and shut down impersonation scams.
It is also advisable to ensure your Amazon account is protected. At least use two-factor authentication, and ideally, passkeys. Scammers are known to use farms of normal phones and SIMs to bypass normal checks, so it's crucial to stay vigilant.
In 2024, Amazon initiated takedowns of more than 55,000 phishing websites and 12,000 phone numbers being used as part of impersonation schemes. For more information about Amazon's defense against impersonation scams, refer to Forbes' article.
Remember, Amazon will never ask for account passwords or one-time codes over email or phone. Avoid clicking on “cancel subscription” or “refund” buttons in unsolicited messages.
Stay safe, and let's work together to reduce the success of these growing scams targeting millions of Prime members.
- The surge in Amazon refund scams, which have increased by 5000% in July 2025, is not just a problem for the e-commerce industry, but also has significant implications for cybersecurity, finance, and banking-and-insurance, as these scams often target sensitive information such as login credentials and payment details.
- As the number of reported phishing attacks on Amazon accounts continues to rise, it's crucial for consumers to adopt a proactive stance in safeguarding their accounts. This includes using two-factor authentication, passkeys, and verifying any unexpected texts by logging into their account via the Amazon app or usual methods.
- Coupled with Amazon's efforts to combat these scams, such as taking down over 55,000 phishing websites and 12,000 phone numbers in 2024, it's essential for the technology industry, including IT companies like Apple (iPhone attacks) and Google (Android attacks), to collaborate in developing more robust cybersecurity measures to protect users against unwanted attacks.
