Amazon Warns 220 Million Customers Of Prime Account Attacks
Beware this Prime account attack: Amazon warns customers.
Update, July 19, 2025: This story, originally published on July 17, has been updated with additional information from Amazon regarding account attack trends following a warning emailed to 220 million Prime account holders about an increase in Amazon impersonation scams.
I know better than most that Amazon Prime subscribers are under attack: I have been on the sharp end of multiple phone calls and email-based threats in the last four weeks alone. As someone with experience on the frontlines of cybersecurity, you would expect me to be aware of such threats and deal with them accordingly. However, not everyone is as well-informed, which is why Amazon has warned all 220 million Prime customers about an increase in Amazon impersonation scams.
What You Need To Know And Do
Malware intelligence researcher Pieter Arntz at Malwarebytes issued a timely reminder on July 16 that “scammers are impersonating Amazon in a Prime membership scam.” I say timely, quite apart from regular reminders of such attack threats being most welcome, because I have experienced not one, but two of these this week. Both were telephone calls, which I only answered as I was expecting to hear from the hospital and was in bed, ill at the time.
The cause of Arntz’s reminder, and the underlying Amazon warning to all 220 million Prime customers, however, was a spike in email attacks claiming that subscription rates are about to rise, along with a cancel subscription button that would lead to Prime account credential theft. The phone calls I took, by the way, were similar in outcome but differed in that they wanted me to believe someone had purchased an iPhone 13, of all things, using my account.
The warning emails from Amazon, which I received on July 4 and wrote about at Forbes on the very same day, started with a stark alert that Amazon has become aware of “an increase in customers reporting fake emails about Amazon Prime membership subscription.” These emails are particularly dangerous because, as Amazon said, they “might include personal information in the emails, obtained from other sources, in an attempt to appear legitimate.”
This came on top of earlier warnings from security researchers that more than 120,000 fake Amazon domains and web pages had been set up in the weeks and months before Prime Day, one assumes to be used to help in such attacks.
What Are Amazon Prime Account Impersonation Attacks?
Amazon has described an impersonation scam, the type of attack that it is warning Prime users about, as being when an attacker “pretends to be a trustworthy organization or person in order to steal your money or personal information,” and as being perpetrated by “phone, email, text, or even by messaging you on social media.”
The common denominator between them is that the threat actor seeks to induce the victim to make a payment or provide Amazon credentials, the latter leading to a Prime account takeover and all that entails.
Amazon Warns Of 5 Common Attack Trends
Amazon readily admits that such attacks are difficult to identify, hence the need for the warning email; however, it recommends that users be alert to certain red flags that can indicate this kind of attack methodology. Amazon has also compiled a list of the five most common scam attack trends that it sees impacting customers, although, as attackers are continually evolving their methods, it stressed that this cannot be a comprehensive list of tactics and techniques, but rather is a basis for understanding how scammers might strike.
How To Mitigate Prime Attacks, According To Amazon
The attack warning email from Amazon included a number of mitigation recommendations, including:
- You can find further advice from Amazon online regarding how it protects customers from scams, along with the best ways to report an attack.
- Check the BBB Scam Tracker database for Amazon attacks. Amazon has also partnered with the Better Business Bureau to enable customers to search a database of scams by attack type, email, URL, brand, phone number and so on.
You can also use the BBB Scam Tracker tool to report scam attacks.