Is this Amazon message a scam?

Amazon is one of the most impersonated brands in the world. Whether it is a suspicious order confirmation, a security alert, or a call from 'Amazon customer service,' the red flags are consistent and recognizable.

If you did not initiate the contact, treat any Amazon communication as suspicious. Real Amazon emails come only from @amazon.com domains and never ask for payment over the phone or via gift cards.

Red flags

Email comes from a non-@amazon.com address
It claims you made a purchase you do not recognize
It asks you to call a phone number to dispute a charge
The 'cancel order' link goes to a non-Amazon URL
A caller asks you to pay with gift cards to resolve an issue
You are asked to install remote access software

How Amazon impersonation scams operate

Subject: Order #114-9028174-2933872 confirmed - Apple iPhone 15 Pro Max 256GB - $1,199.00. If you didn't authorize this purchase, click [Cancel Order] within 24 hours.

Amazon order spoofing exploits the fact that almost every American has a recent or pending Amazon order, making fake confirmations plausible enough to trigger panic clicks.

If you already clicked or paid

Open a new browser tab and go directly to amazon.com (never through the email). Sign in and check Your Orders — if no matching order exists, the email is fake. Change your Amazon password if you logged in on the fake page, enable two-step verification, and review Recent Orders, Login & Security, and Authorized Devices. If you reused that password elsewhere, change it on those sites too.

How to verify the real thing

Real Amazon emails come from @amazon.com only and are mirrored in your Amazon Message Center under Your Account. If a notification isn't in your Message Center after logging in directly, Amazon didn't send it. Real Amazon emails greet you by your registered name, never 'Dear Customer.'

Frequently asked questions

How can I tell a real Amazon email from a fake?

Sender domain must end in @amazon.com (not amazon-support.com or amzn-confirm.com). Real emails greet you by name and appear in your Message Center after direct login.

Why is Amazon impersonated more than any other brand?

200+ million US Prime members means almost every adult has a recent Amazon interaction. Scammers exploit baseline familiarity to bypass skepticism.

What is the Amazon callback scam?

Fake order emails include a phone number to call for cancellation. The caller pressures you to install remote support software (so they can 'process' the refund), then drains accounts. Real cancellation is in Your Orders only.

I clicked the cancel link — am I hacked?

Only if you logged in or entered card details on the page that loaded. Change your Amazon password from amazon.com directly and enable two-step verification if you did.

How do I report an Amazon phishing email?

Forward the full email with headers to stop-spoofing@amazon.com. Report to FTC at reportfraud.ftc.gov.

Related scam guides

Last reviewed: 2026-06-24 by the ScamRadar editorial team. We update this page when scammer tactics change or when official agencies issue new guidance.

ScamRadar · Blog · Scam Database · Is It Legit? · About