Here are some ways to spot an Amazon imposter scam

Is that message really from Amazon or from a scammer? - Photo by Christian Weidiger on UnSplash

Amazon shows you a foolproof way to stay safe

Artificial intelligence (AI) has drastically changed the phishing and scamming game, making websites look more realistic and texts more convincing. But ConsumerAffairs researchers have uncovered a telltale mistake that scammers are making and it may help consumers know how they can further detect the nuances of these scams.

The scam often begins with a text from what appears to be Amazon and looks like this:

PhotoA careful eye would tell you instantly that there’s a mistake here that instantly says this is a scam. Can you spot it?

It’s the “O” in “Amazon.” It’s actually a zero – “0” – instead of an “O.” But, many people would gloss over something so insignificant.

There’s also the link. It looks like one of the shortened “Bitly” links that many companies use because those links can help companies track customer engagement. Another thing to easily gloss over.

Typically, researchers suggest verifying links with "safe browsing" or "malicious site" checkers. However, these scammers were smart enough to build a link that even Google's Safe Browsing tool said was "no unsafe content found." 

Photo

Where the scammers' wheels came off

In all honesty, the ConsumerAffairs researchers were 99% sure that this was a scam text, but they wanted to go further and see what the scammers were up to and if there was anything we could do to help our readers stay safe from situations like this.

In fact, there is. Follow along…

When the text was clicked on, it took us to this normal-looking Amazon page where – if we did what the sammers were asking us to do – we would fill in our Amazon account information. It’s there on that page where the scammers left themselves vulnerable.

PhotoYou can’t click on anything in that graphic because it’s a static image, but the researchers wanted to see what would happen if they clicked on those links for “Privacy Policy,” “Conditions of Use,” etc. And guess what? NONE were clickable. They went absolutely nowhere and the scammers had royally shot themselves in the foot.

And it happened with the Post Office, too!

Shortly after we received the “Amazon Prime” text, here came another one from the U.S. Postal Service about a package delivery. Again, the researchers knew this was a scam, but wanted to see what was behind the curtain so we could inform our readers.
Photo

In order, the clicks led to these “postal service” pages where the scammer's goal was to get a credit card number:

Photo

PhotoPhotoHere – just like with Amazon – the scammers failed to build in actual clickable links. If you tried to click on any of the links, they went nowhere fast.

Photo

The lessons to be learned

The unwritten lesson here is that you should never click on a link sent in a text. Rather, you should call the company and speak directly to them.

However, we all make mistakes and tend to blitz through texts and click on things without thinking. If you ever fail to abide by the “don’t you dare click on that link” rule and get to what appears to be a real website, remember to try and click on the sub-links to things like “Privacy Policy.” If they don’t work, get off that site immediately.

IMPORTANT NOTE: It’s possible that at some point, the scammers will figure out their mistake and try to rectify the situation, but for now, that’s your best move.

What Amazon wants you to know and do

Amazon doesn’t like this kind of nonsense, but scammers don’t care. Amazon is the second most impersonated organization, having to sweat it out with over a billion phishing emails sent every single day.

A spokesperson for Amazon told ConsumerAffairs that your ace in the hole in keeping yourself safe is this:

“To find out if a message is really from Amazon, visit the Message Center under ‘Your Account.’ Legitimate messages from Amazon will appear there as the Message Center displays a log of authentic communications sent from Amazon,” the spokesperson suggested.

Amazon also added that you can also report suspicious communication to the company at amazon.com/reportascam and that it might be smart to read up on how you can further identify and avoid impersonation scams: