Phishing email - spotted

ACTION REQUIRED: Udecpdated U.S. Tax Information Required [email subject]

Your U.S. tax information is set to expire

A new W-8 Tax form is required

Your W-8 form will expire on December 28th, 2023. Once your form expires, your selling privileges will be suspended until you provide updated tax information.

To complete your tax interview, follow these instructions:

1. In your [Amazon Seller Central ] account, go to Settings and choose Account
2. At the bottom of the page, click Tax Information
3. Click Update Tax Information
4. Answer all questions to complete the Tax Interview
5. Provide an e-signature for fastest validation.

You may be required to complete and mail a hard copy form or upload a signed soft copy within the tax dashboard depending on your interview entries or if you do not consent to provide an electronic signature.

NOTE: If you’ve already provided updated tax information in the last 7 days, no further action is required.

Thank you,

Amazon Tax Team

*For more information about tax information requirements, see our [Help page]

I’ve removed all links -

Thank you for sharing @Jack

It would very very helpful to also post a screenshot of the full e-mail, along with the header showing the actual sender.

The wording of the e-mail is nearly identical to real e-mails which Amazon actually sends sellers.

Sorry - Binned.

Sorry, I must have clicked delete on the first reply.

Yes that would be very helpful along with a printout of the all the HTML.

@Jack
Also it is very important to use a text only email client and block remote content from loading.
They can do much damage just by loading “fonts” from a CDN.

Also highly recommend all sellers collect PCAP data from their local machines and networks. PCAP is packet capturing and shows the routing of data to and from your device. Even though analyzing pcap is very involved you will now have evidence for law enforcement. They have the tools to decipher all the traffic.

Do some home work on “pegasus” it is a zero click threat to your “smart phone”.

I just found an interesting new phishing e-mail which is being sent to sellers:

IMG_9594922×2048 159 KB

Did that come in on an email you have registered with amazon or some other email address.

Are you able to view page source code on your device and see where the amazon logo loaded from and the actual destinations of those links?

No, I have seen it posted somewhere on social media and saved it to share it here for raising awareness.

The verbiage does not conform to Amazon’s style of writing. While I would find it suspicious, it’s good to let others know about it.

qualtrics.com is a genuine company used by Amazon for many things including verification.

The link looks genuine but it really depends if that’s where the link takes you.

If, when you hover your mouse on the link or long press the link on your phone, the new link that appears stays the same (exactly), then the email is genuine.

If different, it’s a scam.

To me, the e-mail appears genuine, since as you mentioned, Qualtrics is a site that is used for Amazon surveys. Also, the disbursement-appeals e-mail is correct.

However, the wording itself is odd and I have never seen anything like this before. Someone just shared it on FB again as a phishing e-mail (I still can’t see the sender):

IMG_96791019×753 168 KB

W8 tax-form spoof email - Mentioned here too.

https://sellercentral.amazon.co.uk/seller-forums/discussions/t/8c3fb716-04d7-444f-b87c-ad14440d1c90

https://sellercentral.amazon.co.uk/seller-forums/discussions/t/d5705092-3296-4377-9a28-68e5fbe3045c

Thank you for sharing. The most crucial thing, regardless of the e-mail text is to always check the sender.