About Identifying Whether an E-mail is from Amazon
E-mails from Amazon will never ask you for personal information. If you receive a suspicious (sometimes called phishing) e-mail, here are some tips to determine if it's an e-mail from Amazon.com.
Don't open any attachments or click any links from suspicious e-mails. If you've already opened an attachment or clicked a suspicious link, go to Protect Your System.
- Never ask you to reply with personal information.
- We collect personal information only through the Amazon.com website. Personal information includes things like:
Your social security number or tax identification number
Your credit card number, PIN number, or credit card security code (including "updates" to any of the above)
Your mother's maiden name
Your Amazon.com password
- Provide instructions on how to verify account information through the Amazon.com website.
- We'll never prompt you to verify account information through a link in the e-mail.
- Don't contain unsolicited attachments.
- We won't include an attachment you weren't expecting.
- Are proofread.
- Typos and grammatical errors aren't common.
- Only link to sites that begin with "http://"something".amazon.com".
- Legitimate sites have a period before "amazon.com". Sites such as "payments-amazon.com" are not actually Amazon. We'll also never use an IP address (string of numbers) followed by directories, such as "http://123.456.789.123/amazon.com/".
If the message is an order confirmation, look in Your Orders and see if there is an order that matches the details for the one in the e-mail. If it doesn't match an order, the message isn't from Amazon.
If the message asks you to update your payment method, go to Your Account and click Manage Payment Options in the Payment section. If you aren't prompted to update your payment method on that screen, the message isn't from Amazon.