Focused guide

Fake Amazon Order-Confirmation Phishing

Criminals send fake Amazon order-confirmation emails designed to panic recipients into clicking a cancellation link, harvesting their Amazon login and payment details.

Part of: Fake Order Confirmation Phishing Scams

Last reviewed: 7 June 2026

Amazon is one of the most impersonated retailers on the internet because almost everyone has an Amazon account and expects occasional order emails. Scammers exploit this familiarity by sending convincing fake order-confirmation messages that look nearly identical to genuine Amazon transactional emails — complete with the Amazon logo, orange colour scheme, and order-number formatting.

The emails typically describe a large or unexpected purchase — an iPhone, a laptop, or a gift card order — to alarm the recipient into acting quickly. The urgency is intentional: by making you believe money is about to leave your account, scammers push you to click the provided link without pausing to think.

Real Amazon order emails arrive from @amazon.com addresses, contain your full delivery address, and link only to amazon.com subdomains. The fake versions fail on at least one of those points, and the link leads to a credential-harvesting page or a phone number staffed by fraudsters who will ask for remote access to your device.

How this scam works on the Amazon brand

Amazon sends genuine order confirmations from addresses like [email protected] or [email protected]. They always include the item image, the delivery address you have on file, and an estimated delivery date. Scammers mimic this layout but send from domains like amazon-support-orders.com or use free webmail accounts with 'amazon' somewhere in the display name.

When the victim clicks the 'Cancel Order' or 'Report Unauthorized Purchase' button, they are taken to a page that looks like the Amazon sign-in screen. Entering credentials there hands them directly to the attacker. Some variants display a phone number instead, and the 'Amazon agent' who answers will attempt to convince the caller to install remote-access software and then drain bank accounts.

A subtler version involves gift-card orders. The fake email claims an Amazon gift card worth a substantial amount has been purchased and sent to an unknown email address. Worried recipients call the number given, and the fraudster instructs them to cancel by purchasing new gift cards and reading out the codes — a classic gift-card cash-out that Amazon's real support would never request.

Common red flags

Sender domain is not @amazon.com — watch for amazon-support-orders.net, amazonsecurity.co, or display-name spoofing
The email does not include your full delivery address or the last four digits of the payment card on file
A phone number is prominently featured — Amazon's genuine order emails do not include phone numbers for cancellations
Clicking 'Manage Order' redirects to a domain that is not amazon.com (check the actual URL before entering any data)
The email asks you to buy gift cards to 'reverse' or 'secure' a charge
Urgent language like 'Your account will be charged in 24 hours unless you act now' to prevent you thinking clearly

How to protect yourself

Open the Amazon app or go directly to amazon.com in your browser — never via the link in the email — and check Your Orders to see whether the purchase exists
If no such order appears, the email is fake; mark it as phishing in your email client and delete it
Enable two-step verification on your Amazon account so that even if credentials are stolen, the attacker cannot sign in
Never call a phone number printed in an unexpected order email; find Amazon's real contact options only at amazon.com/help
Never purchase gift cards to cancel an order — this is always a scam regardless of how convincing the caller sounds
Review your saved payment methods in Your Account > Payment options regularly to catch any unfamiliar cards

How to report it

Forward the suspicious email to [email protected] — Amazon's dedicated anti-phishing team
Report it inside the Amazon app: Account > Customer Service > Report something suspicious
If you clicked the link and entered credentials, change your Amazon password immediately and enable two-step verification
Report the phishing email to your national cybercrime body: IC3.gov (US), Action Fraud actionfraud.police.uk (UK), or ACCC Scamwatch (Australia)
If financial loss occurred, contact your bank and ask about a chargeback or fraud reversal

Frequently asked questions

How do I know if an Amazon email is real?

Sign in directly at amazon.com and check Your Orders. A real order will appear there. Also verify the sender's full email address ends in @amazon.com — not just that 'Amazon' appears in the display name.

I called the number in the email and gave them remote access. What should I do?

Immediately revoke remote access (uninstall any software they asked you to install), change your Amazon password, enable two-step verification, contact your bank to flag potential fraud, and report to your national cybercrime body.

Will Amazon ever ask me to buy gift cards to cancel an order?

Never. If anyone claiming to be Amazon asks you to purchase gift cards and read out the codes, it is always a scam, regardless of how official the communication looks.

How this scam works on the Amazon brand

Common red flags

Sender domain is not @amazon.com — watch for amazon-support-orders.net, amazonsecurity.co, or display-name spoofing

The email does not include your full delivery address or the last four digits of the payment card on file

A phone number is prominently featured — Amazon's genuine order emails do not include phone numbers for cancellations

Clicking 'Manage Order' redirects to a domain that is not amazon.com (check the actual URL before entering any data)

The email asks you to buy gift cards to 'reverse' or 'secure' a charge

Urgent language like 'Your account will be charged in 24 hours unless you act now' to prevent you thinking clearly

How to protect yourself

Open the Amazon app or go directly to amazon.com in your browser — never via the link in the email — and check Your Orders to see whether the purchase exists

If no such order appears, the email is fake; mark it as phishing in your email client and delete it

Enable two-step verification on your Amazon account so that even if credentials are stolen, the attacker cannot sign in

Never call a phone number printed in an unexpected order email; find Amazon's real contact options only at amazon.com/help

Never purchase gift cards to cancel an order — this is always a scam regardless of how convincing the caller sounds

Review your saved payment methods in Your Account > Payment options regularly to catch any unfamiliar cards

How to report it

Forward the suspicious email to [email protected] — Amazon's dedicated anti-phishing team

Report it inside the Amazon app: Account > Customer Service > Report something suspicious

If you clicked the link and entered credentials, change your Amazon password immediately and enable two-step verification

Report the phishing email to your national cybercrime body: IC3.gov (US), Action Fraud actionfraud.police.uk (UK), or ACCC Scamwatch (Australia)

If financial loss occurred, contact your bank and ask about a chargeback or fraud reversal

Frequently asked questions

How do I know if an Amazon email is real?

I called the number in the email and gave them remote access. What should I do?

Will Amazon ever ask me to buy gift cards to cancel an order?

Never. If anyone claiming to be Amazon asks you to purchase gift cards and read out the codes, it is always a scam, regardless of how official the communication looks.