Amazon has issued several warnings about scams that target online sellers, indicating it’s taking the problems seriously and wants its third-party sellers to do the same.
The warnings issued to sellers, all published this month, cover three issues. The first, “Watch out for phishing,” posted on December 7th, defines phishing as an attempt to steal sellers’ confidential information, including user name, password, or One Time Password via an email or other direct communication.
“A hacker can fake sender information, tricking you into believing the message is from Amazon, while directing you to another website that is designed to steal your account information,” Amazon explained. “Amazon takes this issue very seriously, and to make it easy to identify phishing attempts, we will never ask you to verify sensitive information over email.”
The marketplace also provided the following advice:
- While domains can appear legitimate at first glance, Amazon will never ask you to log in to a website other than “sellercentral.amazon.com” or “amazon.com.”
- Please also note that if you receive emails about your account health, you can check the Account Health page in Seller Central to confirm their legitimacy. Whenever in doubt, go directly to Amazon or the Seller Central website in your web browser and send any suspicious emails you receive to firstname.lastname@example.org.
On December 9th, Amazon advised sellers to “Keep an eye out for important account change notifications.”
“After any important changes to your selling account’s banking, credential, or Two-Step Verification settings, Amazon will send you an email alert,” it explained. “If you receive these email alerts and do not recall making any account changes, please review your account and take steps to protect yourself if necessary (see our next article).”
It also advised sellers, “If you receive a One Time Password sent to your Two-Step Verification enabled device and you are not actively logging in to Amazon, reset your password immediately and review your account for any other unauthorized changes.”
A third warning came on December 11th: “Know what to do if your account has been compromised” – immediately reset your password under Account Settings, it said, adding, “If you cannot access your account with your credentials, you can reset the password by selecting Forgot my Password on the log in page.”
Amazon also advised sellers, “If you notice unauthorized orders, listings, or other changes to your account, please contact Seller Support as soon as possible and inform us that your account has been compromised.”
Phishing, account takeovers, and other types of fraud have plagued sellers for nearly 2 decades. Educating sellers (and buyers) is important, as are periodic reminders to stay on your guard.