Seller-Performance Phishing Scam?

Honestrade · 2019-05-14 12:35:55 UTC

definitely fishing scam

RedWing · 2019-05-14 12:36:31 UTC

I agree. Also, the email header seems to identify the email as originating from a gmail account.

It’s a very good phishing attempt.

BestFriend · 2019-05-14 12:42:04 UTC

Spoofed email to a TLD (aws2-amazon) does not resolve to an Amazon redirect.

You can always take the TLD and paste it into a browser to see where it resolves.

The TLD in this case is the entire domain “aws2-amazon” which is false. If it was “aws2.amazon” with a “dot” preceding amazon, it might work but in this case there is no sub-domain “aws2” that is recognized by amazon DNS.

So yes, a phishing scam.

Tyrone · 2019-05-14 12:43:12 UTC

How did they even get your email in the first place?

Rushdie · 2019-05-14 12:47:22 UTC

Forward to: stop-spoofing@amazon.com
https://www.amazon.com/gp/help/customer/display.html?nodeId=201127830

Amazon does not REDACT FOR PRIVACY.

Updated Date: 2019-05-04 <<<<
Created Date: 2019-05-04 <<<<

ICANN WHOIS:

ImageAbility · 2019-05-14 12:52:40 UTC

Going around, came up yesterday.

Nice work guys showing the and reviewing details for those not so knowledgeable on these intrusions.

Centaurus · 2019-05-14 12:52:54 UTC

The wording in this message is terrible, made me cringe. Even for a not-native-English speaker like me it sounds scammy

Gray_Power · 2019-05-14 12:53:56 UTC

It’s a better than average phishing email. The best proof is the fake email domain, as others have said, but it’s close enough to look valid at a glance. The first thing that popped out to me is the centered text, I doubt you will ever see that in any business communication.

RedWing · 2019-05-14 13:10:49 UTC

I thought it sounded pretty good.

RedWing · 2019-05-14 13:12:46 UTC

I agree – the dash gives it away.

Earth_Supply · 2019-05-14 13:17:31 UTC

I agree. The wording is very unprofessional!

archstanton_5796 · 2019-05-14 13:19:07 UTC

SCAM!. I got one too.

Rushdie · 2019-05-14 13:31:20 UTC

All you need to do is look up the domain name on ICANN WHOIS, as shown in my post here, which clearly shows the domain was created and updated on May 4, 2019.

ProfessorX · 2019-05-14 13:35:22 UTC

With the number of sellers reporting they’ve gotten this email, I’m more curious about how the spoofers are getting lists of sellers direct email addresses without working for Amazon. Oh, wait a minute…

RedWing · 2019-05-14 13:39:26 UTC

That is a VERY good question.

Fred_Levine · 2019-05-14 13:40:03 UTC

Just confirm the information they need and you should be fine.

Skeeter · 2019-05-14 13:41:00 UTC

2SV linkage?

RedWing · 2019-05-14 13:41:00 UTC

Lol, are you on the same planet?

MGBea · 2019-05-14 13:44:07 UTC

I have had worse from actual amazon employees LOL. But as far as a scam goes, I think it is a pretty good try especially if you are a newbie, I think some sellers will be fooled by this.

Diane · 2019-05-14 22:00:35 UTC

Doesn’t that indicate right there that it’s not genuine…or have things changed again and Amazon is now contacting sellers for such issues directly through our email client only?

I can’t keep up.