Amazon Prime subscribers were recently sent a communication from the online marketplace detailing popular scams and what can be done to protect against them. While we have our own set of best practices to share, we thought we would take a closer look at Amazon’s advice to see how it squares up against our own.
The communication sent out by Amazon focused mostly on services related to Amazon. For example, the communication mentions “Prime membership scams” and “Account suspension/Deletion scams.”
To be more precise, this email issued to Prime members describes what to expect from the various scams. For a Prime membership scam, users might encounter messages claiming further fees must be charged to an account in question, or users might have to log in to dispute charges or provide payment information (which, if you think about it, makes zero sense, right?).
According to the official company email: “Amazon will never ask you to provide payment information for products or services over the phone.” If Amazon ever needs you to take action, they recommend confirming through the official website or application and checking for legitimate communications sent through their secure Message Center.
Suspension and deletion scams are also covered in detail here. Amazon describes these attacks as those delivered via text, email, or phone call which attempt to convince users to log in or provide payment information under duress of a lost or suspended account.
According to Amazon’s communication, “Amazon will never ask you to disclose your password or verify sensitive information over the phone or on any website other than Amazon.com.” Again, they double down on any significant communications being sent directly to their secure Message Center, and they urge users to confirm identities before ever responding to these urgent or out-of-place messages.
Amazon also offers the following advice for anyone who would like additional security information about their platform:
“1. Trust Amazon-owned channels.
Always go through the Amazon mobile app or website when seeking customer service, tech support, or when looking to make changes to your account.
2. Be wary of false urgency.
Scammers may try to create a sense of urgency to persuade you to do what they're asking. Be wary any time someone tries to convince you that you must act now.
3. Never pay over the phone.
Amazon will never ask you to provide payment information, including gift cards (or “verification cards,” as some scammers call them) for products or services over the phone.
4. Verify links first.
Legitimate Amazon websites contain "amazon.com" or "amazon.com/support." Go directly to our website when seeking help with Amazon devices/services, orders or to make changes to your account.”
Generally speaking, these practices check out perfectly fine, and they are in line with what we would recommend. However, we would like to provide our own perspectives on these recommendations:
Amazon has some great advice to keep in mind regarding account security, but we would like to also remind you that these types of attacks are not Amazon-exclusive. You can experience phishing attacks from any vector at any time, so be sure to keep your wits about you and your protections in place. They might just save you from a major headache in the future.
Horne & Benik can help your business shore up any potential problems with its security. To learn more, call us today at (603) 499-4400.
Comments