Sell on Amazon Sign In
This article applies to selling in: Japan

Identifying false (spoofed) e-mails

You might receive emails from Amazon, such as Sold, Ship Now emails or Technical Notification emails. However, sometimes you might receive emails that are not really from Amazon, even if at first glance they may appear to be. Instead, such emails are falsified and attempt to convince you to reveal sensitive account information.

These false emails, also called "spoofed" emails or "phishing," look similar to legitimate emails from Amazon. Often these emails direct you to a false website that looks similar to an Amazon website, where you might be asked to give account information, such as your email address and password combination.

Unfortunately, these false websites can steal your sensitive information, which can then be used without your knowledge to commit fraud.

To protect yourself from responding to these emails, you can follow some simple rules:

What Amazon will never ask for

Amazon will never ask you for the following information in an email communication:

  • Your bank account information, credit card number, PIN number, or credit card security code (including "updates" to any of the above)
  • Your mother's maiden name or other information to identify you (such as your place of birth or your favorite pet's name)
  • Your Amazon or Seller Central password

Review the email for grammatical or typographical errors

Be on the lookout for poor grammar or typographical errors. Many phishing e-mails are translated from other languages or are sent without being proof-read. As a result, these messages can contain bad grammar or typographical errors.

Check the return address

Is the e-mail from Amazon.co.jp or Amazon.com or from a "phisher"? Genuine e-mails come from an e-mail address ending in "@amazon.com", "@amazonsellerservices.com", "@sell.amazon.com" or "@amazon.co.jp".

While phishers often send forged e-mail to make it look like it comes from Amazon, you can frequently determine whether it's authentic by checking the return address. If the "from" line of the e-mail looks like "amazon-security@hotmail.com" or "amazon-payments@msn.com," or contains the name of another Internet Service Provider (ISP), you can be sure it is a fraudulent e-mail.

Most e-mail clients let you examine the source of the e-mail. Check the e-mail header information to see that the "received from," "reply to," and "return path" for the e-mail comes from @amazon.com or @amazon.co.jp.The method you use to check the header information varies depending upon the e-mail client you use.

When in doubt, go directly to the Seller Central website

Some phishing e-mails include a link that looks as though it will take you to your Seller Central account, but it is really a shortened link to a completely different Website. If you hover over the link in your e-mail client, you can sometimes see the underlying, false Web address, either as a pop-up or as information in the browser status bar.

The best way to ensure that you do not respond to a phishing e-mail is to always go directly to your Seller Central account to review or change anything about your account after entering your password.

Note: Never click a link embedded in an e-mail.
Note: In some cases, hovering your mouse over a link can still show a spoofed address instead of the real address. Do not depend upon hovering over a link to determine whether a link is real. In every case, never click a link embedded in an e-mail.

Do not "Unsubscribe"

Never follow any instructions contained in a forged e-mail that claim to provide a method for "unsubscribing." Many spammers use these "unsubscribe" processes to create a list of valid, working e-mail addresses.

Use the features in Seller Central to track your orders

The Sold, Dispatch Now e-mail can be a useful tool, but the most accurate and up-to-date information for your orders is always found by clicking the Orders tab in Seller Central. The default page, Manage Orders, shows you the most recent orders.

Help stop phishers and spoofers

You can make a difference! Amazon has filed several lawsuits against phishers and spoofers; these lawsuits came about from information provided to Amazon through the stop-spoofing@amazon.com e-mail address.

Report spoofed e-mails to Amazon

  • Create a new e-mail to stop-spoofing@amazon.com and attach the original, spoofed e-mail. Sending the e-mail as an attachment is the best way to preserve the "header information," which makes it easier for Amazon to trace the origin of the forgery.
  • If you cannot send the forged e-mail as an attachment, forward the e-mail to stop-spoofing@amazon.com, and include as much of the header information as you can.

To locate the header information, configure your email program to show All Headers. (This varies, depending on the email program you use.) The headers we need are well labeled and will look similar to this example:

X-Sender: someone@domain.com

X-Sender-IP: [10.1.2.3]

X-Date: Tue, 08 Apr 2003 21:02:08 +0000 (UTC)

X-Recipient: you@domain.com

X-OUID: 1

Note: Amazon is not able to respond to all emails reporting spoofed emails or phishing, although we do read them and take action as appropriate. If you have specific questions about your account, search Seller Central Help or contact us.
Sign in to use the tool and get personalized help (desktop browser required). Sign In


Reach hundreds of millions of customers

Start selling on Amazon


© 1999-2022, Amazon.com, Inc. or its affiliates