Amazon has issued a warning to all 220 million of its Prime customers about phishing attacks that aim to steal their personal information and credentials. The company’s alert comes after a spike in email scams claiming that subscription rates are about to rise, along with a cancel subscription button that leads to Prime account credential theft.
According to Pieter Arntz, a malware intelligence researcher at Malwarebytes, scammers have been impersonating Amazon in a Prime membership scam, sending fake emails and making phone calls to trick victims into revealing sensitive information. These attacks often create a false sense of urgency, asking victims to cancel orders or provide account credentials.
Amazon has warned its customers about the dangers of these attacks, which can include:
* Asking for personal or payment information
* Suggesting high-ticket item orders that need cancellation
* Requesting payments outside of legitimate Amazon channels
To mitigate these attacks, Amazon recommends verifying your Prime membership by opening the mobile app or visiting amazon.co.uk directly. It also advises checking the Message Center under “Your Account” to ensure messages are from Amazon.
Additionally, Amazon has partnered with the Better Business Bureau to enable customers to search a database of scams and report attack types using the BBB Scam Tracker tool.
If you suspect you have fallen victim to an Amazon Prime phishing attack, visit Amazon’s website for further advice on how to protect yourself.
Source: https://www.forbes.com/sites/daveywinder/2025/07/18/amazon-warns-220-million-customers-of-prime-account-attacks