Identity protection services including IdentityIQ reported a spike in Amazon‑branded phishing texts and fake refund notices designed to steal credentials and payment details. Experts advise verifying messages via official retailer apps or accounts and enabling fraud monitoring to reduce account takeover and payment theft risk.

IdentityIQ and other identity protection firms issued alerts detailing a pronounced increase in Amazon‑themed phishing campaigns and fraudulent refund texts as holiday shopping volumes peak. Scammers are sending messages that mimic Amazon formatting and branding, claim unauthorized charges or refunds, and include links leading to credential‑harvesting pages or fake login portals that capture account and payment information. The campaigns often pair social engineering with urgency, prompting victims to click immediately to ‘confirm a refund’ or ‘verify a purchase’. IdentityIQ's monitoring data shows elevated click rates tied to holiday purchase anxiety, and analysts warn that stolen credentials can be quickly monetized through account takeovers, fraudulent orders, or resale of payment data. Recommended consumer measures include verifying notifications in official retailer apps or account dashboards, avoiding links in unsolicited texts, enabling multi‑factor authentication, and enrolling in fraud alerts and credit monitoring. The advisory also encourages timely reporting to retailers and banks to halt fraudulent transactions and support recovery.