Amazon’s data breach email looks like a phishing scam

It appears that Amazon had a bit of a problem – and it very nearly went unnoticed.

An unknown number of Amazon customers reported yesterday and today that they had received an email from the online retail giant (see below).

Can you see the problem?

To many, the email looks to be a phishing scam of some sort. For one thing, there is no personalisation (you’d expect a company like Amazon to address its customers by name) or Amazon logo, and the odd URL at the bottom – which is missing the ‘s’ from https but has a capital A – would cause most wary recipients to delete it immediately.

However, The Register reports that Amazon’s UK press office said the email was genuine and that they “have fixed the issue and informed customers who may have been impacted”.

Has the ICO been notified? No idea – but I certainly hope so.

I think it’s fair to say that Amazon’s handling of this incident so far is very, very poor – and I strongly hope that it gets better.



  1. Junior 21st November 2018
  2. Phil Jones 22nd November 2018
  3. Sue 22nd November 2018
  4. Graham Mann 28th November 2018