Scammers are increasingly impersonating Amazon in text message campaigns that promise refunds for products that allegedly failed quality inspections or were recalled. According to a Federal Trade Commission (FTC) advisory from July 24, these fraudulent messages claim a routine quality inspection found an item doesn’t meet Amazon’s standards and offer a full refund without requiring the item to be returned, provided the recipient clicks a link to request the money. The FTC clarifies that there is no actual refund; the link is a phishing attempt designed to steal money and personal information.
This scam exploits the trust consumers place in major retail brands. Zimperium’s data indicates that more than 46% of detected big brand phishing attacks impersonate Amazon, making it the most impersonated brand by a significant margin. The attacks are part of a broader trend where malicious texts hide behind trusted names, with Zimperium noting that attackers also target payment processors, digital wallets, and shipping services to create a seamless illusion of legitimacy.
How the Amazon Refund Text Scam Works
The scam typically begins with an unexpected text message that appears to be from Amazon. The message claims there is a problem with a recent purchase, often citing a “routine quality inspection” or a product recall. It offers a full refund and states that the item does not need to be returned. To receive the refund, the recipient is instructed to click a link provided in the text.
The link leads not to Amazon’s official website but to a spoofed site designed to capture login credentials, personal information, or financial details. In some cases, clicking the link may also install malware on the user’s device. The FTC and other security experts emphasize that legitimate communications from Amazon rarely ask for sensitive information via text, and Amazon’s official policy is to direct customers to check their account directly through the app or website for any issues with orders or recalls.
Red Flags in Suspicious Text Messages
Amazon and security organizations have identified several red flags that can help consumers identify fraudulent texts:
- Unrecognized Phone Numbers or Foreign Country Codes: Messages from numbers that are not associated with Amazon or that include a country code different from the user’s location are suspicious.
- Unexpected Order or Delivery Notifications: Texts about orders, deliveries, or refunds that the consumer is not expecting should be treated with caution.
- Phishing Links with Errors: URLs that contain misspellings or typos, or that appear as an IP address rather than a standard domain, are likely malicious.
- Grammatical Errors and Urgency: Fake texts often contain grammatical mistakes and create a sense of urgency to pressure the recipient into acting quickly without thinking.
Legitimate texts from Amazon are rare and will never ask for passwords, credit card numbers, or other sensitive personal information directly through the message.
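The sender, link and urgency red flags listed above can be checked mechanically before a person ever taps the message. The Python sketch below is an added example, not code from the FTC, Amazon or Zimperium; the one-entry domain allowlist, the urgency word list, the flag names and the sample messages are all constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: one-entry allowlist; extend it with the official domains you actually use.
OFFICIAL_DOMAIN = "amazon.com"
URGENCY = re.compile(r"\b(immediately|urgent|act now|within 24 hours|expires?|final notice)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of the brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_flags(host):
    """Red flags for one link host: raw IP, off-brand domain, brand lookalike."""
    host = host.lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return ["link-is-ip-address"]
    except ValueError:
        pass
    if host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN):
        return []
    flags = ["link-not-official-domain"]
    brand = OFFICIAL_DOMAIN.split(".")[0]
    # The brand (or a typo of it) inside a host that is not the official domain.
    if any(edit_distance(label, brand) <= 2 for label in re.split(r"[.\-]", host)):
        flags.append("brand-lookalike-in-host")
    return flags

def triage_sms(sender, body, home_cc="+1"):
    """Return the sorted red flags raised by one text message."""
    flags = []
    if sender.startswith("+") and not sender.startswith(home_cc):
        flags.append("foreign-country-code")
    if URGENCY.search(body):
        flags.append("urgency-language")
    for url in URL_RE.findall(body):
        flags += host_flags(urlsplit(url).hostname or "")
    return sorted(set(flags))

# Constructed samples: reserved .example names and a documentation-range IP.
SAMPLES = [
    ("+447700900123", "Amazon: a routine quality inspection found your item does not meet our standards. Claim your full refund immediately: http://192.0.2.15/refund"),
    ("+12025550143", "Amazon recall notice: request your refund at https://amaz0n-refunds.example/claim"),
]
```

An empty result only means none of these particular checks fired; an unexpected refund or delivery text still warrants checking the order history in the account itself.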
Steps to Take If You Receive a Suspected Scam Text
If you receive a text message claiming to be from Amazon offering a refund, the recommended course of action is clear:
- Do Not Click Links or Respond: Avoid interacting with the message in any way. Clicking links or replying can confirm to scammers that your number is active and potentially expose you to further attacks.
- Verify Through Official Channels: If you are concerned about a potential issue with an order, log in to your Amazon account directly through the official Amazon website or mobile app. Do not use any links or contact information provided in the suspicious text. Check your order history and messages within your account for any legitimate notifications.
- Report and Delete the Message: Forward the unwanted text to 7726 (SPAM) or use your phone’s “report junk” option. After reporting, delete the message from your device.
- Report the Scam: File a report with the FTC at ReportFraud.ftc.gov. Reporting helps authorities track and combat these fraudulent activities.
What to Do If You Already Clicked the Link or Provided Information
If you accidentally clicked the link or shared personal information, taking immediate action is crucial to mitigate potential damage:
- Secure Financial Accounts: Contact your bank and credit card companies immediately. Alert them to the potential fraud and consider freezing your accounts to prevent unauthorized transactions.
- Change Passwords: Update passwords for any accounts that may have been compromised, especially your Amazon account and any accounts that use the same password. Enable two-factor authentication (2FA) wherever possible.
- Monitor for Suspicious Activity: Keep a close watch on your bank and credit card statements for any unauthorized charges. Be prepared to dispute any fraudulent transactions.
- Protect Your Identity: If you provided your Social Security number, visit IdentityTheft.gov for guidance on monitoring your credit and taking steps to protect your identity.
- Scan Your Device: Run a full security scan on your device using reputable antivirus software to check for any malware that may have been installed.
Proactive Account Security Measures
To better protect against these and other phishing attacks, Amazon recommends several security practices:
- Use Passkeys: Amazon advocates for the use of passkeys, which are a more secure and convenient sign-in method than passwords. According to Amazon, over 300 million customers have already adopted passkeys. Passkeys are based on cryptographic keys and are resistant to phishing and password theft.
- Enable Two-Factor Authentication: Where passkeys are not available, enabling two-factor authentication adds a critical layer of security to your accounts.
- Never Log In via Links: Always access your Amazon account by typing the official URL directly into your browser or using the official mobile app. Never log in through a link in an email, text, or online post.
Conclusion
The Amazon refund text scam is a prevalent and sophisticated form of phishing that targets millions of consumers. By mimicking official communications, scammers aim to steal personal and financial information. The key to protection lies in vigilance and adherence to security best practices: never click unsolicited links, verify all communications through official channels, and report suspicious messages. For those who have already engaged with a scam, swift action to secure accounts and monitor for fraud is essential. As Amazon and other brands continue to invest in consumer protection and education, informed consumers are the first line of defense against these fraudulent schemes.
