I complained to Amazon --Who typed this answer?

I notified Amazon that my order didn’t arrive, and got an answer in English, but with odd grammar and style. It is similar to the style you see in those Nigerian prince email scams.

The letter began
"This is Dan from Amazon .com, I hope my e-mail finds you well.
We are truly sorry for the delay in replying to your email, we recently have a lot of emails from our dear customers, however we try to respond to all of them as fast as we can.

Following to your kind email , I understand your concern about your order #"
[the number is correct]
The email then goes into detail about my order, the name of the third-party seller who sells it through Amazon, etc. It has two links–which I did not click on: a link showing “Dan’s” communication on my behalf with the seller, and a link to the “A-z refund claim”, should I wish to cancel the order and claim a refund.
Both links begin with https://amazon.com/gp (followed by a lot of other stuff.) [And when I do a mouseover, it shows text identical to the link.]

The letter then ends with some more helpful info–and some overly-flowery language :
"I’ll be following up with you in order to assist you according the seller’s response .
I’ll be in touch with you again by the next Wednesday at 9 PM, to check the order status and assist you accordingly.

It is our privilege to have you as our valued customer and we want to make sure you are always taken care of.​​

Thanks for your patience and good understanding in this regard.

With the senses of deep gratitude for your kind cooperation and appreciation, let me please wish you a wonderful day!"
Now here are my questions:
Who typed this, and how did he get my details and order number?
I was expecting a bot to answer my complaint. But even if a real person did answer me, I would have expected different language. I would expect cut-and-paste boilerplate opening and closing lines, not flowery language and bad grammar “senses of deep gratitude”, “we recently have a lot of emails from our dear customers” Also, I appreciate the guy’s specific offer to be in touch with me “by next Wednesday at 9:00 pm”–I just kinda wonder which time zone he’s in. :slight_smile:

How does the reply email address work?
The sender’s address shows in the email as cs-reply @ Amazon. com,
When I click on the reply button (I’m using gmail) , the address line gets filled in as
cs-reply+A2B9 @ Amazon. com
[the part after A2B9 is 14 digits long]

Assuming this is all a scam, how does it work, since the links and replies appear to go to amazon dot com? In the links, there is the letter s in the prefix ( https ) . Can that be spoofed as easily as http without the S ?

I agree that’s some really scammy wording. Are you absolutely sure you notified Amazon through a legit site? Normally I just do it in the customer service chat and get it resolved right away.

I’ve had a lot of interaction with amazon about orders, including third party orders, and I’ve never been privy to the communication between amazon and the seller. This doesn’t seem legit to me.

Absolutely. If this was a real Amazon agent writing, it would not be so familiar and flowery.

“A-Z refund claim” RED FLAG.
Only scammers refer to a refund claim.

I’m inclined to guess that you complained to Amazon, and the complaint fell into the void, but the fact that you had just sent a complaint primed you to be receptive to a random scam spam with lucky timing.

The OP said the order number was correct.
I’ve read that some legitimate overseas call centers run a clandestine scam center on the side.

Well, that’s an unpleasant thought. Although there is precedent, like some outsourced electronics manufacturers running their production lines longer than required to satisfy their order and selling the counterfeit extras themselves under their customer’s trademark.

I think it’s legit. You’re probably dealing with the third-party seller, not Amazon itself. At best, it’s an Amazon service center located overseas.

I’ve gotten a similar email before from overseas sellers. This sort of language is more common there.

That said, I’d make sure to go through the Amazon Orders and Returns page instead of following any links. Any community cation with Amazon always told me they unlocked the return option there.

Exactly. The company the OP is actually dealing with is based in China or India or gosh knows where. Amazon is simply an advertiser and order-taker. And during the customer service phase Amazon’s involvement is equivalent to forwarding the OP’s email through Amazon’s computers to the seller and in turn forwarding their email response made to Amazon along to the OP.

The customer service worker handling the case is an employee of the seller. Or is a call center / online service center contracted by the seller to handle customer interaction.

Nothing scammy here in the slightest. Just worldwide “low prices are all that matters” commerce in action.

Well, it could be that the third party got hacked. There’s no particular reason to believe that’s the case here, but there’s also no particular reason to think the third party takes their internal security seriously. Could be the third party got hit by a phishing attack, a scammer got ahold of a bunch of emails, and is now using the information for further attacks.

It’s unlikely, but it’s a lot more likely than if the whole exchange had taken place via a dedicated mechanism on Amazon’s site.

Just one side topic: I don’t know of any way a URL can be spoofed. If you go to a web site and the URL starts with Amazon.com you are connected to Amazon, unless they have been somehow hacked and their web site taken over. (An email From address is the thing that is easy to spoof.) The only difference between HTTP and HTTPS is that if the URL is HTTPS, the traffic is being encrypted, and the site must have a CA certificate.

However, make sure that the URL you see in the email is actually the one that is linked. It is possible to have the text show one URL but have the underlying link connect elsewhere: www.straightdope.com

There are certainly games that can be played with URLs other then spoofing, like your example of a URL that doesn’t match the text. Another simple approach is obfuscating the address: for example, replace a lower-case L with an uppercase I, or take advantage of people not knowing what a host name is (www.straightdope.scammysite.com goes to scammysite, not straightdope). These aren’t hacks; they just depend on someone not looking closely.

A more involved hack would be to use a rogue DNS server, which is what maps the friendly URL to an IP address. This is easy to do by setting up a fake public wifi network and configuring it to use your own DNS server or redirecting URLs you want to capture. Or if your local coffee shop hasn’t secured their wifi router properly, just log in as admin and change it there. These require you to be connected to a compromised network.

Other exploits usually require some incompetence on the part of the target company. One that comes up every so often is a company forgetting to renew their DNS registration (the URL name), and some rogue grabs it and changes it to their own site. And as you mention, if someone hacks the company itself, all bets are off.

Good points. Like


The o is not an “oh” letter but a Greek omicron.

I’m confident this is the case. My Chase account was locked out. I called the correct number, had it unlocked. Problem solved. Now I was primed for having Chase respond to the issue, right? The next day, I was locked out again. Somehow, I ended up with “Chase” calling me. It was reasonable, right? They’d just helped me fixed my problem, and here I was again. As soon as the “Chase” rep. asked for my SMS’d code, I told him I’d call back and knew the jig was up. But, wow, me, knowing about social engineering, knowing about these scams and how they work. There’s no way I could have been subject to this victimization without it being an inside job. Despite the absolute trust I had in the system, I knew not to give out my SMS code at the moment of truth. But, wow, I could totally have done so, because it was so, so, well engineered, and wouldn’t have been possible without someone on the inside.

That is apparently detectable, in Chrome at least. When I hover over the link, the URL shows the encoded version of the URL, due to it containing a non-ASCII character. There’s actually a completely different system used for domain names than are used for URLs in general:

So the ones that are really bad are the ones that use an I or 1 for a lowercase L or similar. This is not something that HTTPS detects, but fortunately browsers tend to include URL phishing detection these days.

HTTPS will just verify that the site you connect to is the site it says it is. That aspect is mostly useful for when you’re on an untrusted Internet connection, e.g. at some wi-fi access point.

The Philippines? I know they have call centres there for dealing with customers in English speaking countries, they had pretty normal Western sounding names too.

And I’ve dealt with Amazon via email too in that way, always let the customer support know you’ll confirm how happy you are with their service, they’ll likely slip you a voucher on behalf of Amazon.

I’ve recently dealt with Amazon for a delivery issue. They said my package delivered and showed a picture of my neighbor’s porch. My neighbor actually opened the boxes in front of me to show it was their shipment. Anyway, I went to the email that gave me the tracking and clicked on the button for delivery issues and it didn’t go well. I hunted down another place on Amazon for delivery issues and it was clearly an automated process. It would allow you one attempt at a dispute and then stopped working. I clicked on the button that had them call me which was an immediate call and when I said who I was they hung up. The option to have them call me only worked once. I don’t know how they confused my shipment with my neighbor’s unless both of them were on the truck and the scans were crossed.

Basically their system determined my shipment was going to arrive the next day and if it didn’t I was to contact them at a later date. It appears to be set up to ignore any attempt at communication once the system has decided on a course of action.

I suppose it’s OK if they make things right but it was a very frustrating process. I was unable to communicate the issue beyond “didn’t receive”.

UPDATE from the OP—everything is okay.
It turns out the the emails from Amazon were legit.

After the suspicious-sounding letter (written in “Nigerian-prince” English and signed by a guy calling himself “Dan”), Ii received another email from a different person at amazon (written in good English).
The second letter mentioned Dan by name, and stated that he was following up the issue with the company I ordered from. They apparently checked with the third-party company I ordered from, and a day later I got a message from the third-party company in which they provided me the tracking number which they had not provided at the time they shipped my order to me.

The tracking worked, and my package arrived. A week late, but at least it arrived.

NO i get that type of over written flowery answer from every amazon rep I’ve ever talked to in the past few years