Amazon email scam could cost up to £750 - here's what you should look out for

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Amazon customers have been warned they could lose hundreds of pounds if they fall for a “convincing” fake email scam.

Action Fraud, the UK’s fraud and cyber-crime centre, said the spoofed emails from “service@amazon.co.uk” claim recipients have made an order online and mimic an automatic customer email notification.

The number of people who have been sent the fake email is unclear, although Action Fraud said it had received several reports about the scam.

The email claims shoppers have ordered products including an expensive vintage chandelier, Bose stereos, iPhones and luxury watches.

In order to get a shopper’s financial information, the email cleverly indicates that if the recipient didn’t authorise the transaction they can click on the supposed help centre link provided to receive a full refund.

One shopper lost £750 after clicking on the link.

After the victim notified their bank, Nationwide, their credit card was cancelled and the lost money refunded in full.

So what should you look out for to make sure you don’t fall for the scam?

Amazon said that scam emails will often contain links to websites that look like Amazon.co.uk, but aren’t Amazon.co.uk.

Legitimate sites have a dot before “amazon.co.uk”, such as http://“something”.amazon.co.uk (usually “www”).

Sites such as “payments-amazon.com” aren’t Amazon sites. Amazon will also never send emails with links to an IP address (string of numbers), such as “http://123.456.789.123/amazon.co.uk/”.

Don’t click on attachments or prompts to install software on your computer.

If you’ve already opened an attachment or clicked a suspicious link, go to Protect Your System.

An official email from Amazon will not contain typos. Delete it. American spellings in emails purporting to be from Amazon in the UK can also be a giveaway.

Candid Wüest, Threat Researcher at Symantec, told The Independent: “Configuring popular internet applications such as your web browser and email software is one of the most important areas to focus on.

“The strongest security settings will give you the most control over what happens online but may also frustrate some people with a large number of questions (‘This may not be safe, are you sure you want do this?’) or the inability to do what they want to do. Often security and privacy settings can be properly configured without any sort of special expertise by simply using the ‘help’ feature of your software or reading the vendor’s website.”

Requests for your Amazon username, password or any other personal information should be ignored.

The online retailer will never ask for this information to be supplied by email.

If you have already clicked on the suspicious email you can report a fraud and receive a police crime reference number by calling Action Fraud on 0300 123 2040, alternatively you can use this online fraud reporting tool.