A reader forwarded a phishing attempt but wanted to know what the best way is to determine if a message is legitimate.
“I have read that signing directly into your account is a good way to determine if it is a fraud. If I sign in and there aren’t any messages within my account page after sign in, can I tell for sure?”
It’s a darn good way to check. If there’s an issue with your account, there will almost always be some sort of alert if you sign in. Most account dashboards have a place for messages and alerts. If you’re really concerned, you can always go to the account page and look for a link to contact customer service just to be sure.
Just make sure you don’t click on any link from the suspicious email.
I received that phishing e-mail. I checked my Amazon.com account. I then asked Amazon.com to call me. I received a call immediately. Amazon confirmed that the e-mail had not been sent by Amazon and sent me a link to submit the phishing e-mail to its fraud department.
Immediately after I checked my account, I received an e-mail and a text which perhaps did come from Amazon. I copy posted both e-mails into a e-mail to Amazon’s fraud department.