On November 24, 2025, Amazon sent an urgent alert to its 300 million global customers — with a sharp focus on UK shoppers — warning of a terrifying spike in phishing scams disguised as legitimate shopping sites. The message, confirmed by Amazon’s official Trustworthy Shopping page, came just days before Black Friday, when online spending in the UK typically surges past £10 billion. Cybercriminals, it turns out, aren’t waiting for deals to drop — they’re creating fake ones.
How the Scams Are Evolving
The numbers are staggering. According to data from NordVPN's Threat Protection Pro, cited by TechRadar journalist Joe Chivers on November 26, 2025, fake Amazon websites jumped 232% in October 2025 compared to September. That’s not a glitch. It’s a coordinated campaign. Fraudulent online stores overall rose 250%, and eBay clone sites? They exploded by 525%. Meanwhile, FortiGuard Labs found over 18,000 holiday-themed domains registered in recent months — 750 of them confirmed malicious. These aren’t amateur operations. They’re professional-grade fakes, complete with convincing logos, realistic checkout flows, and even fake customer service numbers.Here’s the twist: most people can’t tell the difference. NordVPN’s National Privacy Test revealed that 68% of consumers can’t distinguish between a real Amazon page and a phishing one. That’s nearly seven in ten shoppers walking straight into traps. And it’s not just about fake websites. Between August and October 2025, around 4,000 UK customers reported receiving fake emails or SMS messages claiming unauthorized purchases — all designed to panic them into clicking malicious links or handing over passwords.
Phone Scams Are Now the Main Threat
For years, email was the primary vector. But Amazon’s own data shows a chilling shift. In March 2025, phone-based scams overtook email as the top method used against UK customers. From February to March alone, those calls spiked 71%. Scammers now pose as Amazon support agents, saying your account has been locked, your delivery failed, or your payment failed — and they need your one-time code to “fix it.”“Amazon will never ask for payment details over the phone,” the company stressed in its official warning. “No legitimate communication will ever request your password or one-time code.” Yet, the pressure tactics are ruthless. One victim told LADbible she received a call during her lunch break claiming her account was “compromised.” She gave the code. Within minutes, £320 was spent on gift cards. By the time she realized it was a scam, the money was gone — and untraceable.
Why Black Friday Is the Perfect Storm
This isn’t random. It’s strategic. Black Friday in the UK is the biggest shopping day of the year. In 2024, consumers spent over £9.8 billion online. This year, analysts expect even more. Shoppers are distracted, excited, and bombarded with “limited-time offers.” Scammers exploit that rush. Fake ads for £100 AirPods or $200 PlayStation deals? They’re everywhere — on social media, search results, even YouTube. Click one, and you’re routed to a site that looks real. Until you enter your card number.Amazon’s internal data shows unauthorized payment attempts in the UK rose to 38% during the August–October window — up from 28% in April. That’s not a trend. It’s a red alert. And it’s not just Amazon. eBay, Argos, and even smaller retailers are being impersonated. The goal? Steal credentials, drain bank accounts, or sell your data on dark web marketplaces.
What You Can Do — And What Amazon Says to Do
Amazon’s advice is simple, but critical:- Never click links in unsolicited emails or texts — type amazon.co.uk directly into your browser.
- Always check for HTTPS and the padlock icon — but know that even that can be faked.
- Enable two-factor authentication on your account — it’s your best shield.
- Use strong, unique passwords. Don’t reuse them across sites.
- Report suspicious messages using Amazon’s self-reporting tool — or call customer service through the official app or website.
“If it feels off, it probably is,” said one cybersecurity analyst at FortiGuard Labs. “Scammers are now using AI to generate voice clones of real Amazon agents. They know your purchase history. They mention your last order. It’s terrifyingly personal.”
What Happens Next?
Amazon says it’s working with UK police and the National Cyber Security Centre to shut down domains and track offenders. But the scale is overwhelming. Every hour, new fake sites pop up. And while Amazon has taken down over 1,200 fraudulent domains in the last six months, new ones appear faster than they can be removed.Meanwhile, regulators are under pressure. The UK’s Competition and Markets Authority (CMA) is reviewing whether online marketplaces should be held legally responsible for third-party scams appearing on their platforms. That conversation is just beginning. For now, the burden falls on shoppers.
Here’s the hard truth: the safest place to shop this Black Friday isn’t on a search result or a pop-up ad. It’s on the official Amazon app. Or the official website. Typed in manually. No shortcuts. No clicks. Just you, your browser, and your common sense.
Frequently Asked Questions
How can I tell if an Amazon email is fake?
Real Amazon emails come from addresses ending in @amazon.co.uk or @amazon.com — never from Gmail, Yahoo, or random domains. Check the sender carefully. Fake emails often contain urgent language like “your account will be suspended” or “immediate action required.” Amazon will never ask for passwords, one-time codes, or payment info via email. If in doubt, log in directly to your account — don’t click any links.
What should I do if I’ve already given my details to a scammer?
Act immediately. Change your Amazon password and enable two-factor authentication. Contact your bank to block any unauthorized transactions. Report the scam to Amazon via their official reporting tool and to Action Fraud in the UK. If you shared bank details, request a new card. Scammers often test small purchases first — so check your transaction history for tiny charges, which are often used to verify stolen cards.
Are phone scams from Amazon real?
No. Amazon will never call you unsolicited to ask for your password, one-time code, or payment details. If someone claims to be from Amazon support and pressures you to act, hang up. Legitimate Amazon customer service only reaches out if you’ve initiated contact through their official app or website. Save the number 0800 279 7234 (UK) for verified support.
Why are fake eBay sites so common during Black Friday?
eBay’s marketplace model makes it easy for scammers to mimic third-party sellers. With 525% more fake eBay sites in October 2025, criminals exploit shoppers looking for deals on electronics and collectibles. These sites often use the same design as eBay, but the URLs are slightly off — like ebay-store.co.uk instead of ebay.co.uk. Always check the domain and look for buyer protection badges — if it’s not on the real eBay site, it’s fake.
Does Amazon refund victims of phishing scams?
Amazon’s A-to-Z Guarantee covers purchases made through its platform, but not if you’re tricked into paying a scammer directly. If you bought something from a fake site, Amazon can’t refund you — because no transaction occurred on their system. However, they’ll help you report the fraud and may assist law enforcement. Your best recourse is contacting your bank or card issuer to dispute the charge.
What’s being done to stop these scams long-term?
Amazon, the UK’s National Cyber Security Centre, and the CMA are collaborating to pressure domain registrars to block suspicious registrations faster. New legislation under discussion could require platforms to verify third-party sellers more rigorously. But until then, public awareness remains the strongest defense. The more people know the red flags, the harder it is for scammers to succeed.