Amazon phishing emails are among the most common scams. They often claim your order is cancelled, your account is locked, or you won a prize. The giveaway is always the sender address — real Amazon emails come from @amazon.com only.
About this scam type: Amazon order confirmation or account alert emails
ScamRadar verdict: likely-scam · Risk score: 78/100
From: Amazon Support <amazon-security@account-verify-amzn.com> Subject: Your order #114-8821093-3471952 has been placed Thank you for your order of Apple iPhone 15 Pro Max 1TB - Total: $1,549.00. If you did not authorize this purchase, click here to cancel within 24 hours: [Cancel Order]
The sender domain is the dead giveaway — real Amazon emails come from @amazon.com only, never from amzn.com lookalikes or hyphenated variants. The fake order amount is designed to panic you into clicking before checking.
If you only clicked the link but did not log in, close the page and clear your browser history. If you entered your Amazon username and password on the fake page, change your Amazon password immediately at amazon.com (not through any email link), enable two-step verification under Login & Security, and review your active sessions and recent orders. If you entered card details, contact your card issuer. Also check whether you reused that password on other sites — scammers will try it on Gmail, banking, and PayPal next. Use a password manager to generate unique passwords going forward.
Open a new browser tab and type amazon.com directly. Sign in and check Your Orders — if there is no matching order, the email is fake. You can also open the Amazon Message Center under Your Account, where every legitimate email from Amazon is mirrored. If a message is not in the Message Center, Amazon did not send it. Real Amazon emails always come from these domains: amazon.com, amazon.[country code], marketplace.amazon.com, payments.amazon.com.
Check the sender domain (must end in @amazon.com), check the Amazon Message Center after logging in directly, and never click links in the email itself. Real Amazon emails greet you by your registered name and never ask for password, full card number, or Social Security number.
Fake order confirmations typically use real-looking order numbers, expensive items (iPhones, gaming consoles, gift cards), and urgent cancellation deadlines. The Cancel button leads to a phishing page that asks for your Amazon login. Real cancellations are done through Your Orders, never through a one-click email link.
Clicking alone does not compromise your account. The risk is whether you entered credentials on the page that loaded. If you did, change your Amazon password immediately and enable two-step verification. If you used that password elsewhere, change it on those sites too.
Amazon has over 200 million Prime members in the US alone, and almost everyone has a recent or pending order, which makes a fake order email plausible enough to get clicks. Scammers use this baseline familiarity to trigger fast emotional reactions before victims verify.
Forward the full email (with headers) to stop-spoofing@amazon.com. You can also report it to the FTC at reportfraud.ftc.gov and to your email provider's phishing report function (Gmail and Outlook both have one-click report buttons).
Last reviewed: 2026-06-24 by the ScamRadar editorial team. We update this page when scammer tactics change or when official agencies issue new guidance.
ScamRadar · Blog · Scam Database · Is It Legit? · About